Tuesday, January 31, 2023

Cyber Security – Only 25% of Enterprises Focus on Cyber- Attack Prevention

By Sneha Bokil - April 08, 2020 2 Mins Read

Research from the Ponemon Institute mentions that only a quarter of companies focus on preventing cyber-attacks

The Economic Value of Prevention in the Cybersecurity Lifecycle report surveyed more than 600 IT and IT security practitioners in organizations. The latest research from the Ponemon Institute has revealed that only 24% of enterprises optimize cyber-attack prevention capabilities. This is although 70% of security professionals believe the ability to effectively prevent attacks strengthens security posture. According to the study, a significant percentage of companies prioritize cyber-attack detection and containment over prevention methods

Read MoreAligning the Goals and Strategies with the Newly Evolving Pandemic-induced Marketing…

Some key findings of the report:

  • Half of the respondents say their companies are wasting limited budgets on investments that don’t improve their cybersecurity posture, and only 40% believe their budgets are sufficient.
  • 55% of respondents said they could contain attacks after they happen. This leads IT, teams, to allocate significant portions of their budgets to containment instead of prevention.
  • 80% of respondents said prevention is the most difficult to achieve in the cybersecurity lifecycle. Insufficient technology and lack of in-house expertise were some of the reasons cited by these respondents.

Nearly 80% of security budgets are allocated to detection, containment, recovery, and remediation activities, found the report. Meanwhile, only 21% of the budgets are allotted to prevention, even though 80% of respondents said prevention is the most difficult thing to achieve in the cybersecurity lifecycle.

Read MoreImpact of consumer insights on business decisions making

Effective adoption of a preventative solution would result in significant cost reductions and require lower overall investment. The solution should be compared with the current spending on security departments and the cost of attacks. As per the study, the majority of organizations are more effective at containing cyber-attacks after they happen, because it is more accountable. The majority of cybersecurity budgets focus on containing attacks rather than preventing them. Today, enterprises are witnessing a significant increase in revenue losses due to cyber-hacks, which has forced them to start allocating increased resources to combat them. However, this is not an economically viable long-term strategy.


Sneha Bokil

Sneha Bokil is a Senior Editor with OnDot Media. She writes editorials on an array of topics ranging from IoT, AI, ML, and cloud computing, among others. She has over 9 years of experience in the field of content creation, where she has written on technology, both enterprise and consumer, and finance.

Subscribe To Newsletter

*By clicking on the Submit button, you are agreeing with the Privacy Policy with Enterprise Talks.*