Close to two-thirds of global IT professionals oppose giving governments backdoor access to encrypted information systems, and 59% feel that privacy is being compromised in an effort to implement stronger cybersecurity laws.
The ISACA survey of 2,920 members in 121 countries also reveals marked skepticism about the likelihood of organizations sharing data breach information voluntarily as called for by the recently passed U.S. Cybersecurity Information Sharing Act of 2015.
Results shows mixed attitudes toward sharing information after a data breach. Eighty-three percent of those polled favor regulation requiring companies to notify customers within 30 days of the discovery of a data breach – a 10-point increase in little more than a year.
72% of US respondents say they are in favor of the U.S. Cybersecurity Information Sharing Act of 2015, which encourages cyberthreat information sharing between the government and the private sector. Yet, only 46% believe their own organization would do so voluntarily if it experiences a data breach.
“The Cybersecurity Snapshot shows that the professionals on the front lines of the cyberthreat battle recognize the value of information-sharing among consumers, businesses and government, but also know the challenges associated with doing so,” said Christos Dimitriadis, international president of ISACA. “Cybersecurity has become a high-stakes, boardroom-level issue that can have crippling consequences for any C-suite executive who lacks knowledge about the issues and risks. Strong public-private collaboration and ongoing knowledge-sharing are needed to safeguard our organizations from cybercriminals.”
Top three threats for 2016
The three threats that global IT and security professionals are most concerned about for their organization this year are:
- Social engineering (52%)
- Insider threats (40%)
- Advanced persistent threats (APT) (39%)
These items outranked options frequently associated with cyberattacks, including malware, unpatched systems and distributed denial-of-service attacks.
Cyber skills gap still a big problem
According to the findings, the cybersecurity skills gap continues to pose a significant obstacle to organizations seeking to expand their cyber workforce. Close to half (45%) of those surveyed worldwide report that they are hiring more cybersecurity professionals in 2016, yet fully 94% of those hiring say it will be difficult to find skilled candidates. Identifying who has adequate skills and knowledge will also be difficult, say more than six in 10 survey participants.
“The aggressive increase in cyberattacks worldwide is feeding a growing chasm between demand and supply in the cybersecurity talent wars. It is also shedding light on a critical problem in our industry: identifying job candidates who are truly qualified to safeguard corporate assets in a landscape that is highly complex and constantly evolving,” said Eddie Schwartz, international vice president of ISACA.