July 6, 2015
Survey shows small budgets hold back cyber security efforts in 65 percent of UK organisations, despite increased confidence in ability to defend networks from cyberattacks
Newly released results from a survey conducted by Tenable Network Security®, Inc., the leader in continuous network monitoring, reveal that 65 percent of UK organisations do not spend enough on cyber security budgets to adequately protect their networks.
When IT and security professionals visiting this year’s Infosecurity Europe were asked if they believed their employers were doing enough to protect their networks from cyber threats, 47 percent said they didn’t believe they were. Even for the 53 percent that said they are doing everything they can to protect their networks, lack of funding is still a major limiting factor, as 48 percent of this subset point to inadequate budgets as a key hurdle.
Eighteen percent of respondents only spend money “when something happens,” indicating a reactive response to network security, instead of a proactive and strategic approach.
Just 17 percent of survey respondents report they have the proper budget and company buy-in to “spend whatever is necessary” to protect themselves.
"The time between the discovery and announcement of a vulnerability and the subsequent release of exploit code that takes advantage of that vulnerability is rapidly decreasing," said Cris Thomas, strategist, Tenable Network Security. "People used to think they had weeks or even months before they had to remediate a newly discovered vulnerability. Now that time has shrunk to hours or even minutes in some cases before someone is actively exploiting a new zero-day.”
“According to our survey results, the reality for 83 percent of UK organisations is that budgets are not bottomless and security teams have to balance the risk of being breached with the expense of deploying a properly secured network,” said Thomas. “This, unfortunately, can force some organisations to skip basic things like maintaining a complete inventory of all network assets and continuously monitoring for and removing vulnerabilities and misconfigurations.”
Those who participated in the survey did report one bright spot for UK cyber security. Tenable’s survey results show that 59 percent believe they are better able to defend their networks from cyberattacks now than they were 12 months ago. Forty percent said their ability to defend their networks remained unchanged, and no one reported feeling less confident in their ability compared to last year.
Tenable surveyed nearly 300 IT and information security professionals over three days during Infosecurity Europe 2015. The results are valid within a six-percent margin of error.
Tenable™, Inc. is the Cyber Exposure company. Over 23,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.