A new survey shows that just three percent of IT security professionals believe their organisation has the technology in place to deal with the most common cyber problems that they face.
A new Tripwire survey, released at RSA 2017, found that ransomware, denial of service, malicious insiders, phishing and vulnerability exploits are top of mind concerns for the 403 security execs who participated in the survey. Of those, 97 percent said their organisation does not have the technical means in place to combat these problems, while 90 percent indicated their worker's skills were insufficient to handle these cyber issues.
Tim Erlin, Tripwire's senior director, product management security, said confidence in being able to deal with an attack varied depending upon the threat. When it came to DoS and phishing 60 percent and 68 percent, respectively, felt they could deal with the situation.
“More of them felt they were better prepared to deal with denial of service and phishing, most likely because there are tools available to deal with these specific problems,” Erlin said, adding employee training could also be used to help mitigate the risk with DOS and phishing attacks.
However, when it came to ransomware, insider threats and vulnerabilities, confidence dipped with only about 41 percent feeling their company had the skills and technology to fend off an attack.
Erlin noted that the skills gap can be directly attributed to the on-going dearth of cyber-security workers making it extremely difficult for companies to properly staff up. To help bridge this gap more and more companies are willing to accept applicants with no cyber-security training, but who do have the mindset that would allow them, with some additional training, to become effective cyber-security workers.