Additionally, 15 percent and 18 percent of them said they do not have a threat intelligence programme and identity and access management programme, respectively. As such, more than half expressed their intention to spend more in these areas in the next 12 months.
Lastly, more than half of global respondents (57 percent) said that the contribution and value that the information security function provides to their organisation is compromised by the lack of skilled talent available, compared to 53 percent of respondents in the 2014 survey. This indicates that the situation is deteriorating, rather than improving.
"Cybersecurity is inherently a defensive capability, but organisations should not wait to become victims. Instead, they should take an 'active defense' stance, with advanced security operations centres that identify potential attackers and analyse, assess and neutralise threats before damage can occur. It is imperative that organisations consider cybersecurity as an enabler to build and keep customers' trust," concluded O'Rourke.
Sign up for CIO Asia eNewsletters.