How Companies Can Win the War on Cybersecurity

By Aliah D. Wright June 3, 2015

Businesses are not giving up on defending themselves from cyberattacks—even though the outlook may seem bleak.

According to Verizon’s 2015 Data Breach Investigations Report, companies lost an estimated $400 million as a result of 700 million compromised records worldwide.

And, as the Society for Human Resource Management reported earlier this year, 37 percent of respondents to an International Foundation of Employee Benefit Plans (IFEBP) poll said their biggest worry was being the victim of a cyberattack—an increase of nearly 75 percent from five years ago.

New York City-based venture capitalist company CB Insights reports that within the last five years, $7.3 billion has been invested into 1,208 private cybersecurity startups.

Many information security professionals believe that by 2018, organizations can win the war against cyberattacks, according to the newly released 2015 Global Megatrends in Cybersecurity research report.

Sponsored by Raytheon and independently conducted by the Ponemon Institute, information security leaders identified the most important trends for the next three years and recommended that organizations do the following:

  • Prepare to deal with external threats such as nation-state attackers, cyberwarfare or cyberterrorism. More resources should be allocated to dealing with an increasingly sophisticated and stealthy cybercriminal, the report stated.
  • Prepare a strategy to manage the risks that will be posed by the Internet of Things, which refers to devices beyond smartphones and tablets that connect to the Internet. The report said that organizations should “conduct a security impact assessment on how the Internet of Things will impact your organization’s security posture.”
  • Be mindful of the burgeoning adoption of virtual money, which will pose more risks to customers and businesses.
  • Figure out how to effectively implement the use of “big data.” Data analytics will impact organizations in negative and positive ways. While the positive side to this will be the increased availability of analytics that can help thwart cyberattacks, the negative will be the challenge in protecting a vast amount of confidential and sensitive information.
  • Recruit cybersecurity experts and provide professional development for your staff in matters of cybersecurity. “A key differentiator among organizations will be the ability to hire and retain knowledgeable and experienced cybersecurity practitioners,” the report stated.
  • Invest in trusted technologies that help to thwart attacks. This not only includes cybersecurity technologies, but also firewalls and data encryption.
  • Hold cybersecurity training and awareness programs regularly. “These programs are critical in making employees and contractors the first line of defense against malicious or criminal activity,” the report said.

“While leadership for cybersecurity initiatives will improve, other governance issues will become more troublesome,” the report predicted. “These [issues] are the inability to secure access rights to data, systems and physical spaces, complexity of business and IT operations, the growth of unstructured data assets, and the inability to integrate disparate technologies.”

The report also suggested that organizations prepare to manage “the increasing litigious environment due to class action and tort litigation over cyber breaches.” Organizations should expect to experience a rise in costs due to compliance obligations that mandate they protect data.

The report was conducted among more than 27,000 senior-level IT and IT security professionals in the United States, Europe, and the Middle East and North Africa.

Aliah D. Wright is an online editor/manager for SHRM.


Job Finder

Find an HR Job Near You
Search Jobs


CA Resources at Your Fingertips

CA Resources at Your Fingertips

View all Resources Now


Find the Right Vendor for Your HR Needs

SHRM’s HR Vendor Directory contains over 10,000 companies

Search & Connect