Security strategies for IoT top the CSO agenda

9 Jan 2017

Phishing, ransomware and internet of things are top of mind for CSOs. Image: chombosan/Shutterstock

Nearly half of companies surveyed are investing in a security strategy for the internet of things (IoT), according to the PwC Global State of Information Security report.

The report found that security strategies are becoming more nuanced and considered, with more thought going into sophisticated measures. The survey measured over 10,000 participants in 133 countries.

It found that more than 56pc of companies are focused on employee training, specifically to counter phishing threats. Most ransomware incidents occur when employees fall prey to phishing attacks.

‘There is a distinct transformation in how business leaders are viewing cybersecurity and technology’

Phishing is the most cited vector of cybersecurity incidents this year, with 43pc of large businesses reporting phishing incidents.

More than half (57pc) are using biometrics and other advanced authentication technologies to provide an extra layer of security.

As the IoT continues to grow, organisations are beginning to update their cybersecurity safeguards, with 46pc of respondents investing in a security strategy for the IoT.

More firms trust the cloud

“Clients are investing in security to provide them with a competitive advantage,” said Pat Moran, PwC Ireland cybersecurity leader.

“I see more confidence from clients in leveraging from cloud-based technologies to identify cyber threats. They are also entering into managed services solutions to allow them to focus on their core business, with the comfort that they are applying the best security techniques available to protect their information assets.

“There is a distinct transformation in how business leaders are viewing cybersecurity and technology – no longer seeing technology as a threat and understanding that cybersecurity is a vital component that must be adopted into the business framework. To remain competitive, organisations today must make a budgetary commitment to the integration of cybersecurity with digitisation from the outset.”

The study also found that more organisations are running sensitive business functions in the cloud.

The majority of organisations around the world – 63pc of survey respondents – say they run IT services in the cloud.

Approximately one-third of organisations were found to entrust finance and operations to cloud providers, reflecting the growing trust in cloud models.

“The fusion of advanced technologies with cloud architectures can empower organisations to quickly identify and respond to threats, better understand customers and the business ecosystem, and ultimately reduce costs,” said Leonard McAuliffe, director of cybersecurity practice at PwC Ireland.

“Cloud models have become more popular in recent years, and that trend will likely only continue as the benefits become increasingly clear,” McAuliffe said.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years