The Cybersecurity Imperative

The Cybersecurity Imperative

Managing cyber risks in a world of rapid digital change

Businessman Facing a Wall - Overcoming Barriers

“We are in a cybersecurity arms race, and the hackers are winning. Over the years, we have tested thousands of companies. There is always a way in."

Kevin Mitnick, Chief Hacking Officer, KnowBe4

By 2021, cybercrime is likely to cost the world $6 trillion annually*—more than the combined GDP of the UK and France. As companies embrace the latest digital solutions and respond to rising regulations, cybersecurity has become a top management priority across industries and markets.   

But cybersecurity is a moving target: as companies embrace new technologies, so do hackers. The reluctance of firms to share cybersecurity information makes benchmarking and planning more challenging. 

To fill this gap, ESI ThoughtLab joined with WSJ Pro Cybersecurity and a group of prominent organizations to launch The Cybersecurity Imperative, a thought leadership program drawing on rigorous global research and analysis.  As part of this program, we surveyed 1,300 organizations across industries and countries, conducted advisory meetings and interviews with leading experts and practitioners, and developed analytical tools to benchmark approaches and assess performance impacts. 

*According to Cybersecurity Ventures

New Global Research Shows that Digital Transformation Heightens Risk of Costly Cyber Attacks

Learn more.

The Economics of Cybersecurity

"As companies put everything on a digital platform and introduce IoT-operated devices, they create more attack points - which can have critical impacts on business beyond just personally identifiable information."

Scott Laliberte, Managing Director, Protiviti

Digital innovation is a double-edged sword: while it improves business results, it also exposes organizations to greater cyber threats. These risks rise as companies embrace new technologies, such as AI and Internet of Things, as they move to open platforms and cloud-based systems.

%
Malware
%
Phishing
%
Ransomware
%
Viruses
%
Attacks from apps

The Cybersecurity Imperative Pulse Report

In April-May 2019, ESI ThoughtLab surveyed 467 firms to gain insights into their latest cybersecurity perspectives, plans, and practices (see research background on next page). The survey revealed that on average CISOs are increasing their cybersecurity war chests by 34% in the next fiscal year, after raising investments by 17% the previous year. Some industries, such as financial services and industrial manufacturing, plan to boost spending by as much as 40% next year, and companies with over $10 billion in sales will bolster their budgets by a hefty 49%.

The Cybersecurity Imperative Pulse Survey
Download the ESI ThoughtLab Pulse Survey
WSJ Pulse Survey Cover_Cybersecurity Imperative
Download the WSJ Pro Pulse Survey

Cyber risks with the largest growth over the next two years

Although the most common attacks are now malware/spyware and phishing, the growing use of supplier ecosystems, embedded systems, and mobile and web applications will escalate risks.

Executives expect to see huge growth in attacks through third parties with network access (+247%), and also the reverse: attacks on partners and vendors through their own systems (+284%).

Attacks through supply chain
%
Web application attacks
%
Attacks through embedded systems
%

The Cybersecurity Benchmarking Tool

"Great cybersecurity programs are not built in a month. They're built over a span of years. You have to be willing to play the long game."

Ron Mehring, VP, Technology and Security, Texas Health

We asked executives to rate their company's progress across five key cybersecurity categories: identify, protect, detect, respond, and recover. Based on these rankings, we calculated composite scores by industry, region, and other groupings. These scores reflect how companies in these segments fared against a mean score of 100.

Explore the cybersecurity benchmarking tool

The Cybersecurity Benchmarking Database

To cope with rising cyber risks, companies are increasing their cybersecurity investment 7% this year and 14% next year. On average, companies with revenue between $250m-$1b will spend $2.9m next year; $1b- $5b ($5.7m); $5b-$20b ($10.7m); and $20b+ ($16.8m). Next year, these firms plan to allocate 39.3% of their cybersecurity budgets to technology, 30.7% to process, and 30% to people. To learn more, take a look at our new database, Cybersecurity Benchmarks 2018

Download the Cybersecurity Benchmarks Database

Building a Roadmap to Excellence

"First, make sure you're a continuous learner. You shouldn't be in security if you're not inquisitive. It's a fast-paced environment that requires people who have a thirst for knowledge and learning..."

David Estlick, CISO, Starbucks

The Cybersecurity Imperative presents our key findings, along with insights into best practices, performance metrics, and calls to action. 

Cybersecurity is still more of an art than a science. So we spoke to chief information security officers (CISOs), cybersecurity experts, technologists, and even former hackers, to learn more about the state of the art. 

Interactive Ebook
Key Findings
Executive Summary
White Paper

Join the Conversation

Don't miss opportunities where The Cybersecurity Imperative has been featured.

Follow ESI ThoughLab's social media accounts for the latest information on The Cybersecurity Imperative and be sure to join the conversation.

@ESIThoughtLab

linkedin.com/company/esi-thoughtlab/

Download our social media tiles

Latest News

Companies boost budgets to fight evolving cyberattacks

Budgets will increase 34% next year, according to a global survey conducted by ESI ThoughtLab and WSJ Pro Cybersecurity . . .

US and Canada lead the world in cybersecurity maturity

A report from ESI ThoughtLab and The Wall Street Journal - in collaboration with consultancy partners Protiviti and Willis Towers...

Most executives around the world see untrained staff as the greatest cyber risk

The majority of executives (87%) around the world cite untrained staff as the greatest cyber risk to their business...

Why digital transformation puts you at greater risk for cyberattacks

Companies that do not keep up with their digital transformation initiatives may see a $1 million or more...

Damage to cybercrime can run in billions

Due to rapid digitization, cybersecurity risks are increasing rapidly and companies can hardly keep up.

ESI ThoughtLab on the Economics of Cybersecurity

ESI ThoughtLab released new data on corporate cybersecurity this week, with a conclusion that may not be new, but is no less alarming...

Executives expect to see 247% spike in cyberattacks through third party access over the next two years

Third parties are the fastest growing of the many significant cyber risks revealed by ground-breaking new global study...

Digital transformation increases risk of cyberattacks

The drive to digital transformation is exposing companies to higher and more costly cyber risks according to a new study of over 1,300 businesses...

Acknowledgements

We would like to thank our sponsors and research partners for supporting this ground breaking thought leadership program. They graciously provided valuable direction and research input throughout the course of the study. Without them, this program would not have been possible.

Sponsored by

Contact Us

At ESI ThoughtLab, we are committed to creating visionary thought leadership and evidence-based decision support to keep organizations at the forefront of market change. For more information, please contact us.

Lou_Celi

Lou Celi
Chief Executive Officer
917.459.4614
Lceli@esithoughtlab.com

  • This field is for validation purposes and should be left unchanged.