Tenable Network Security has released findings today from its 2017 Global Cybersecurity Assurance Report Card, in which the world's information security practitioners gave global cyber-security readiness a “C-” average with an overall score of 70 percent.
The report solicited insights from 700 security practitioners in nine countries and across seven industry verticals to assess countries against a global index score reflecting overall confidence in the world's cyber-defenses.
According to this year's data, global cyber-security confidence fell six points over 2016 to earn an overall score of 70 percent — a “C-” on the report card.
The overall decline in confidence is the result of a 12-point drop in the 2017 Risk Assessment Index, which measured the ability of respondents to assess cyber-risk across 11 key components of the enterprise IT landscape.
For the second straight year, practitioners cited the “overwhelming cyber-threat environment” as the single biggest challenge facing IT security professionals today, followed closely by “low security awareness among employees” and “lack of network visibility (BYOD, shadow IT).”
“Today's network is constantly changing — mobile devices, cloud, IoT, web apps, containers, virtual machines — and the data indicate that a lot of organisations lack the visibility they need to feel confident in their security posture,” said Cris Thomas, strategist at Tenable Network Security. “It's pretty clear that newer technologies like DevOps and containers contributed to driving the overall score down, but the real story isn't just one or two things that need improvement, it's that everything needs improvement.”
For the UK, confidence amongst respondents in the organisations ability to assess risks has taken a significant knock falling from 73 percent to 59 percent - a 14 percent drop. Security assurance has also taken a slight dent, falling from 74 percent to 73 percent. This gives the UK an overall score of 71%, scoring it a D which is graded as a 'fail.'