Enterprises seem to be getting the message that security posture cannot be measured by pocket depth as budgets get cut.
The annual PwC information security survey is always good for a host of key results. The 2018 report doesn’t disappoint in this regard. Only 49 percent of organisations conduct penetration tests yet 28 percent have no idea how many cyber-attacks they suffered last year. Or how about only 44 percent of organisations in the UK that formally work with others in their industry to reduce potential future risk of attack, compared to 58 percent globally? Oh, and only 53 percent have any cross-organisational team working on cyber-security issues within the enterprise itself. All of which would be food for thought, but when you also consider that security budgets have dropped by a third (from £6.2 million to £3.9 million on average) the analytical indigestion really starts to kick in.