Information Systems Audit and Control Association (“ISACA”) shared their survey results about cyber security. The survey named 2015 Cyber Security Snapshot reflects the opinions of nearly 3000 IT professionals from 121 countries. The ISACA Survey answers help us to look forward for the new threats.
Cyberthreat Concerns (ISACA Survey)
Christos Dimitriadis, 2015-2016 ISACA International President wrote a post about the results of the survey. He writes; “Respondents said their top cyberthreat concerns for 2016 were social engineering, insider threats and advanced persistent threats (APTs). Fully 84 percent believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year. Nearly a third said there will be some increased risk of insider threats (privileged users) vs. last year.”
Backdoor Access (ISACA Survey)
The participant’s idea about the prevention types shows that the best considered alternative is two-factor authentication. Two-man authentication can also be thought as an alternative for critical systems. The governments efforts to locate a backdoors to applications and services has been also also with the ISACA survey. A majority (63 percent) of respondents believe governments should not have backdoor access to encrypted information systems. A similar majority think privacy is being compromised by stronger cybersecurity regulations.
Data Breach Transperancy (ISACA Survey)
The third point from the ISACA survey is the security transparency. From an organizational standpoint, 84 percent favor regulation requiring companies notify customers within 30 days of a data breach discovery. Interestingly, only a third of respondents believe their organization would voluntarily share cyberthreat information if it experienced a breach. The current major tendency is covering the breach as possible.
Job Certifications (ISACA Survey)
Another point is about the job hirings. Many companies ask for certifications like CISSP, which a professional cannot get it until worked actively in the field for five years. 80 percent of respondents said they’d be more likely to hire candidates who hold performance-based certifications.
There are also results about Ransomware, EU Safe Harbor Law etc. You can find detailed survey result on ISACA web page.