In 2004, October was declared Cybersecurity Awareness Month by the Department of Homeland Security and the National Cyber Security Alliance to help users protect themselves and their personal data online, and bring awareness to the increasing volume of cyberattacks.

Key Takeaways:

The majority (87%) of security leaders are aware of what caused their security incidents over the past year. Keeping in line with this year’s Cybersecurity Awareness Month theme “See Yourself in Cyber”, the number one cause of security incidents in non-malicious user error. To combat this, organizations must ensure that their employees are making smart decisions on behalf of their company through continued awareness and training.

Additional security incident causes are:

  • Security vulnerabilities at 3rd party organizations
  • Unpatched software vulnerabilities
  • Misconfiguration of services or systems on or off prem

Security leaders feel their organizations are falling short when it comes to addressing cyber risk, cited by 90% of survey respondents. Here are the specific areas they pointed out:

  • Difficulty convincing all, or parts of our organization, of the severity of the risks we face (27%)
  • Not investing enough resources to address the risks we face (26%)
  • We struggle to find, acquire, and/or retain the technical or professional expertise we need (25%)
  • We are not proactive enough when it comes to our security strategy (25%)
  • Inadequate security training for users (24%)

To better prepare for future incidents, organizations are prioritizing:

  • Upgrading IT and data security to boost corporate resiliency
  • Improve/increase security awareness among end-users through training
  • Improve the protection of confidential and sensitive data

Top challenges redirecting the time of security leaders:

  1. Meeting governance and compliance regulations
  2. Employee awareness and training issues
  3. Unanticipated business risks
  4. Preparing for or addressing risks from cyber threats originating from outside the organization
  5. Budgetary constraints/demonstrating ROI

Security leaders also state that employee retention/hiring skilled and qualified workers is one of their top challenges. To address the cybersecurity skills shortage, security leaders are:

  • Asking current staff to take on more responsibilities (45%)
  • Utilizing technologies that automate security practices (45%)
  • Outsourcing security functions (42%)

We hope these insights help you secure your marketing plan to reach security decision-makers this Cybersecurity Awareness Month. To receive additional data points from this year’s study, download our full white paper here. To request a meeting with a Foundry sales executive to walk through the full study, please complete the form to the right.