DarkMatter, a cyber security firm headquartered in the UAE, found that 48% of respondents to its DarkMatter Cyber Security Poll say their organizations do not have a senior management executive assigned to oversee cyber security, while 46% of respondents said their organizations did not have a Board-level representative responsible for cyber security.
DarkMatter was able to poll the answers of over 200 information and communication technology (ICT).
The poll identified that 23% of respondents believe that their organizations have been victim to an internal cyber security breach, while 32% believe their organizations have fallen victim to an external attack. This suggests external threats pose a greater threat to organizations’ digital assets than internal ones, with a further poll result indicating 46% of respondents believe cyber security breaches are most often the result of human factors.
While the expectation is that cyber threats will persist, the DarkMatter advises entities to assume a state of breach, in order to establish the necessary strategic and tactical posture to guard against and mitigate cyber risks.
“Raising awareness regarding the real and evolving threat of cyber attacks is imperative in any modern, digital society. It is not about fear-mongering, it is about understanding what is at risk when entities and people operate in a connected online environment; what threat actors may be present and what they are in search of; and what steps can be taken to reduce vulnerabilities or mitigate threats,” said the company’s CEO Faisal Al Bannai.
However, challenges still exist given 34% of respondents said if their organization was to experience a cyber security incident, they did not believe it possessed sufficient network monitoring capabilities to identify the breach in a timely fashion.
Also, 49% of respondents said they believed cyber security is ultimately the responsibility of the original equipment manufacturer (OEM) more than it is the organization using it, which is a cause for concern as it may result in companies abdicating the responsibility of actively defending their data assets.
