Cybersecurity is a moving target that has only accelerated and become less predictable since the start of a digital transformation that is reshaping industries. However, according to a new Pillsbury report titled Cybersecurity: Confidence or Crisis?, many businesses are still unprepared for the data protection challenges that lie ahead.
“More and more companies are handling sensitive data,” said Pillsbury partner and Cybersecurity, Data Protection & Privacy co-leader Deborah Thoren-Peden. “While many businesses are confident in their current cybersecurity infrastructure, the stakes are simply too high not to carefully examine their cybersecurity programs, especially given the inconsistencies we discovered in our survey.”
The report’s findings are based on an extensive survey of corporate board members, C-level executives, and in-house counsel, which was conducted in collaboration with Mergermarket. Representatives from companies all over the world and from various industries were asked to share information about their corporate cybersecurity and data protection policies anonymously in order to identify common gaps and better understand where and why they exist.
The following are some of the survey’s key findings:
• While the vast majority of TMT and financial services executives are confident in their existing cybersecurity capabilities, only 34% of respondents in Energy, Mining, and Utilities are.
• Only 2% of respondents said C-level executives have ultimate responsibility for cybersecurity concerns at their organizations, and one in every six organizations does not have a dedicated in-house cybersecurity response team.
• Only 51% of respondents in the survey have dedicated cybersecurity insurance, and only 47% have a corporate policy in place to respond to ransomware attacks.
• Despite the speed and complexity of cybersecurity and data privacy regulation, one-third of respondents report that no one on their staff is actively tracking related legal developments.