|[January 11, 2016]
ISACA Survey: 63% of IT Professionals Are Against Governments Having Backdoor Access to Encrypted Information Systems
Close to two-thirds (63%) of global IT professionals oppose giving
governments backdoor access to encrypted information systems, and
similar numbers (59%) feel that privacy is being compromised in an
effort to implement stronger cybersecurity laws. The survey by global IT
and cybersecurity association ISACA of 2,920 members in 121 countries
also reveals marked skepticism about the likelihood of organizations
sharing data breach information voluntarily as called for by the
recently passed U.S. Cybersecurity Information Sharing Act of 2015.
This Smart News Release features multimedia. View the full release here:
2016 Cybersecurity Snapshot shows mixed attitudes toward sharing
information after a data breach. Eighty-three percent of those polled
favor regulation requiring companies to notify customers within 30 days
of the discovery of a data breach - a 10-point increase in little more
than a year. Nearly three-quarters (72%) of US respondents say they are
in favor of the U.S. Cybersecurity Information Sharing Act of 2015,
which encourages cyberthreat information sharing between the government
and the private sector. Yet, only 46% believe their own organization
would do so voluntarily if it experiences a data breach.
"The Cybersecurity Snapshot shows that the professionals on the front
lines of the cyberthreat battle recognize the value of
information-sharing among consumers, businesses and government, but also
know the challenges associated with doing so," said Christos
Dimitriadis, Ph.D., CISA, CISM, CRISC, international president of ISACA
and group director of information security at INTRALOT. "Cybersecurity
has become a high-stakes, boardroom-level issue that can have crippling
consequences for any C-suite executive who lacks knowledge about the
issues and risks. Strong public-private collaboration and ongoing
knowledge-sharing are needed to safeguard our organizations from
Top Three Threats for 2016
The three threats that global IT and security professionals are most
concerned about for their organization this year are:
Social engineering (52%)
Insider threats (40%)
Advanced persistent threats (APT (News - Alert)) (39%)
These items outranked options frequently associated with cyberattacks,
including malware, unpatched systems and distributed denial-of-service
Cyber Skills Gap Still a Big Problem
According to the
findings, the cybersecurity skills gap continues to pose a
significant obstacle to organizations seeking to expand their cyber
workforce. Close to half (45%) of those surveyed worldwide report that
they are hiring more cybersecurity professionals in 2016, yet fully 94%
of those hiring say it will be difficult to find skilled candidates.
Identifying who has adequate skills and knowledge will also be
difficult, say more than six in 10 survey participants.
"The aggressive increase in cyberattacks worldwide is feeding a growing
chasm between demand and supply in the cybersecurity talent wars. It is
also shedding light on a critical problem in our industry: identifying
job candidates who are truly qualified to safeguard corporate assets in
a landscape that is highly complex and constantly evolving," said Eddie
Schwartz, CISA, CISM, CISSP-ISSEP, PMP, international vice president of
ISACA and president and COO of WhiteOps.
ISACA was the first to combine skills-based vendor-neutral cybersecurity
training with performance-based exams and certifications to address the
cyber talent shortage with the launch the CSX
Practitioner certification in August 2015.
New Report Added to Cybersecurity Legislation Watch
To help organizations understand the implications of the new U.S.
legislation, ISACA today added a new report to its Cybersecurity
Legislation Watch center, part of Cybersecurity
Nexus (CSX). The report, US Enacts Cybersecurity Information
Sharing Legislation, analyzes the Cybersecurity Act of 2015 (P.
L. 114-113), which was recently passed by the US Congress and signed
by President Barack Obama. The report includes a look at the background
of the act, its expected impact on business and criticisms from privacy
advocates. To view the special report, visit www.isaca.org/cybersecurity-legislation.
ISACA launched Cybersecurity
Nexus (CSX) in 2014 to help address a growing worldwide
cybersecurity skills crisis. CSX is a central location of cybersecurity
research, guidance, certificates and certifications, education,
mentoring and community. ISACA recently introduced skills-based training
with performance-based exams and CSX
certifications to help professionals build and evolve their careers
in cybersecurity. Last year marked the successful debut to a sold-out
crowd of the North America CSX 2015 Conference, dedicated specifically
to cybersecurity. In 2016 ISACA is expanding the cybersecurity event to
Europe and Asia.
helps global professionals lead, adapt and assure trust in an evolving
digital world by offering innovative and world-class knowledge,
standards, networking, credentialing and career development. Established
in 1969, ISACA is a global nonprofit association of 140,000
professionals in 180 countries. ISACA offers the Cybersecurity Nexus
(CSX) and COBIT, a business framework to govern enterprise technology.
Twitter (News - Alert): https://twitter.com/ISACANews
View source version on businesswire.com: http://www.businesswire.com/news/home/20160111005217/en/
[ Back To TMCnet.com's Homepage ]