The total number of cybersecurity incidents reported by companies increased by 48% in 2014, reaching 42.8 million incidents worldwide, according to PwC’s - The Global State of Information Security® Survey 2015, based on the answers of 9,700 IT managers from around the globe, while the financial damages caused by such incidents were around 2.7 billion $, 34% more than in 2013.
Large companies (with annual turnovers worth at least 1 billion $) detected 44% more cybersecurity incidents compared to last year, while smaller companies (with yearly turnovers below 100 million $) reported fewer such incidents.
“The number of detected cybersecurity incidents is directly linked with the investments in cybersecurity, while a decrease in reported incidents by small companies may highlight that there are more and more unidentified security breaches. Why would hackers target only large companies, when their purpose is simply to obtain data?”, stated Mircea Bozga, Partner, Assurance and IT Assurance Services, PwC Romania.
The number of reported cybersecurity incidents reported grew by 41% compared to last year in Europe, by 11% in North America and by 5% in Asia. South America is the only region that saw a decrease in reported cybersecurity incidents, by 9%, but this happened because there was a 24% cut in IT security budgets in the region.
“Many organizations are facing cybersecurity risks, but few companies are aware that they may have been the targets of such cyber-attacks in the past or even ongoing attacks. The reality that all organizations need to face these days is to realise that the real question is not what they will do if they are exposed to a cybersecurity threat that materialized, but rather what they will do when they get exposed", stated Armin Dinar, Senior Manager, IT Risk Assurance, PwC Romania.
“Although many organizations are still prioritising and investing a lot in various security solutions, the human factor, which in essence is still crucial for viable cyber security protection, is often put aside. It is important to underline that regardless of investment in new solutions, unless the organization can also support these solutions with properly educated and trained personnel, the investment in security solutions may not provide adequate returns", added Armin Dinar.
PwC firms help organisations and individuals create the value they’re looking for. We’re a network of firms in 157 countries with more than 195,000 people who are committed to delivering quality in assurance, tax and advisory services. Find out more and tell us what matters to you by visiting us at www.pwc.com.
PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.
©2015 PricewaterhouseCoopers. All rights reserved