A joint report from Intel‘s security business and the Center for Strategic and International Studies has identified three areas of misaligned incentives that affect an organization’s ability to deter cyber criminals.
Intel said Tuesday it commissioned research firm Vanson Bourne to survey more than 800 security executives and professionals across five industries such as the financial, government and healthcare sectors for the “Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity” report.
Respondents to the survey originated from the U.S., Australia, France, Brazil, Germany, Mexico, Japan, Singapore and the U.K.
The study found that 42 percent of cybersecurity implementers reported they were not offered incentives by their organizations, compared with 18 percent of decision-makers and eight percent of leaders who reported that no incentives exist.
“For IT and cyber professionals in government and business to compete with attackers, they need to be as nimble and agile as the criminals they seek to apprehend, and provide incentives that IT staff value,” said Candace Worley, vice president of enterprise solutions at Intel’s security unit.
Ninety-three percent of organizations surveyed developed a cybersecurity strategy and only 49 percent moved to fully implement such strategy, the study found.
Intel found that public sector respondents were the least likely to report their organizations as having implemented a cybersecurity strategy.
The study also showed that the percentage of agencies that lack funds and staff for cybersecurity programs was higher than that of private companies, according to Intel.
Eighty-three percent of all survey respondents said their organizations have experienced a breach.