More than half of global businesses are not confident they will react effectively if faced with a cyber attack, according to a new report.
About 30 per cent of companies that have cyber attack response plans in place have not tested or updated them in the last 12 or more months, said California-based cyber security firm FireEye in a report released on Monday.
Nearly 51 per cent of organisations "do not believe they are ready for, or would respond well to, a cyber attack or breach event”, Eric Ouellet, global security strategist at FireEye, said. For about 63 per cent of the organisations, “Finding a balance between cyber security and operational requirements is a global challenge".
Cyber criminals stole more than $1 trillion (Dh3.67tn) globally last year. The Middle East and North Africa region's share account for about 20 per cent – Dh734 billion – of the money stolen, according to UAE-based cyber security firm Z Services.
Cyber security expenditure, which was valued at Dh23bn in the Mena region last year, is expected to grow at a compound annual rate of nearly 15 per cent over the next five years, according to Mordor Intelligence.
Nearly nine-in-ten organisations believed that the cyber threat will “stay the same or even worsen in 2020”, according to the FireEye report. The top three industries that are likely to be the main targets are finance and banking, technology and government.
The report is based on an online survey, conducted during July and August, of more than 800 senior IT executives across companies in North America, Europe and Asia.
The report revealed that the biggest concerns for companies during a cyber attack are loss of sensitive data, the effect on customers and operational disruptions. To address these concerns, more than 75 per cent of the organisations plan to increase their cyber security budget in 2020.
“Organisations most commonly expressed plans to increase cyber security spending by 1 per cent to 9 per cent next year over 2019 allocations,” said Mr Ouellet.
Almost 40 per cent of respondents from the US indicated plans to increase cyber security budgets next year, compared to 30 per cent of UK respondents and 22 per cent of South Koreans.
Globally, organisations are allocating their cyber security budgets into four main categories, with the largest share going to prevention (42 per cent) and detection (28 per cent).
Almost 33 per cent of the respondents believed that storage of data on the cloud was more secure than keeping it on their own premises. However, in both Germany and Japan, 24 per cent of executives perceived the cloud as being less secure — highlighting a disparity from the global average (18 per cent).
A cyber vulnerability management programme is seen as the best way for an organisation to protect itself against a cyber attack, followed by employing security software and training employees.