IBM A cyber security report for corporate executives was released today , Including the views of enterprise executives on network security risks , Experience in network security work , And what should be considered in the future .
The respondents to the report are , From all over the world 18 Different industries , Including central and North America 、 Europe and Africa 、 The Middle East and the Asia Pacific region share 29 A country's 700 A top management executive .
Safety bull got the full report at the first time , And after an overall study of the report , The main conclusions of the report are as follows ：
One 、IT Security risk has become the primary concern of enterprises
It is worth noting that , Executives are right about IT Concerns about risk dilute concerns about existing infrastructure vulnerabilities , But in fact, these loopholes are still the biggest security risks of enterprises , And with the emergence of new technologies , The crisis of the original loophole has become more serious .
The good news is ,75% A comprehensive cybersecurity plan, according to a majority of executives “ Important or extremely important ”, defense 、 testing 、 Components of the cyber security plan, such as response and remediation, have also been 74% To 78% 's executives think “ Important or extremely important ”.
What's interesting is that , These executives may have overestimated the possibility of serious network security incidents in the enterprise .38% Of the people who believe in 2 During the year, we will find serious network security incidents , But according to 2015 Year of “ Data leakage cost investigation ” It is estimated that , The number is only 22%.
Two 、 Only CEO Agreed to strengthen cooperation with the government 、 Industry cooperation
Although most CEO Agree that there is a need to strengthen cooperation with the government 、 Industry and cross-border cooperation , But about 68% Other managers in the U.S. are resistant to such cooperation .
Although in terms of sharing and cooperation CEO Walk in the front , But they are the least optimistic about the completeness of the enterprise's network security strategy , Only 51% Of CEO We think that our network security strategy is complete .
3、 ... and 、 On the seven elements of network security strategy and tactics
3 There are two strategic components by ：
Assess potential security issues in all programs （ Top management cooperation ）
Identify key enterprise data （ Core assets ）
For intrusion events , Develop an effective response plan （ Inside and outside ）
4 It's a tactical component by ：
Have the necessary defense practices and tools （ defense ）
Deploy continuous monitoring and detection tools （ testing ）
Implement a comprehensive response plan （ Respond to ）
Implement remedial plans to enhance security （ Remedy ）
What executives think of these particular elements , There are three obvious centralizations , See the picture below ：
Safety bull review
The views and ideas of senior managers of enterprises , It affects the overall progress level and development direction of the enterprise . And only when network security goes up to this level , Only in this way can an enterprise do a good job in a comprehensive way 、 Systematic safety protection system planning and construction , Security experts or consultants can more effectively help enterprises sort out the current situation of network security , And deal with the future IT risk .