PwC and CSO magazine have released a new survey that describes eight cybersecurity deficiencies and what organizations can do to combat them.

Dan Kobialka, Contributing writer

May 28, 2014

2 Min Read
The 2014 US State of Cybercrime Survey from PwC and CSO magazine revealed the majority of US organizations lack the cybersecurity capabilities to
The 2014 U.S. State of Cybercrime Survey from PwC and CSO magazine revealed the majority of U.S. organizations lack the cybersecurity capabilities to control cyber threats.

The 2014 U.S. State of Cybercrime Survey from PwC and CSO magazine revealed the majority of U.S. organizations lack the cybersecurity capabilities to control cyber threats.

Researchers found 62 percent of organizations did not have methodologies to prioritize security investments based on impact and risk.

Other survey findings included:

  • The average number of security incidents detected over the past year was 135 per organization.

  • 77 percent of survey respondents reported a security event in the past 12 months.

  • 67 percent of respondents who detected a security incident were not able to estimate its costs. Among those that could, the average annual monetary loss was projected to be $415,000.

  • 59 percent reported they were more concerned about cybersecurity threats this year than they were the year before.

  • 34 percent said the number of security incidents in their organizations increased over the previous year.

“Cyber criminals evolve their tactics very rapidly, and the repercussions of cybercrime are overwhelming for any single organization to combat alone. It’s imperative that private and public organizations collaborate to combat cybercrime and gain intelligence about security threats and how to respond to them. A united response will prove to be an indispensable tool in advancing the state of cybersecurity,” David Burg, PwC’s global and U.S. advisory cybersecurity leader, said in a prepared statement.

PwC also offered the following recommendations for organizations to combat cybercrime:

  • Assess risks associated with supply chain partners

  • Develop threat-specific policies

  • Enhance training and create workforce messaging to boost cybersecurity awareness across the organization

  • Ensure that mobile security practices keep pace with adoption and use of mobile devices

  • Hold third parties to the same or higher cybersecurity standards

  • Invest in people, processes and technologies

  • Perform cyber risk assessments regularly

  • Take advantage of information sharing internally and externally to learn about new cyber risks

The survey was conducted by CSO magazine in collaboration with PwC, the U.S. Secret Service and the CERT Division of the Software Engineering Institute at Carnegie Mellon University. It included responses from more than 500 U.S. executives, security experts and others from the private and public sectors.

The full survey is available for download here.

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at [email protected].

About the Author(s)

Dan Kobialka

Contributing writer, Penton Technology

Dan Kobialka is a contributing writer for MSPmentor and Talkin' Cloud. In the past, he has produced content for numerous print and online publications, including the Boston Business Journal, Boston Herald and Patch.com. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State College (now Bridgewater State University). In his free time, Kobialka enjoys jogging, traveling, playing sports, touring breweries and watching football (Go Patriots!).  

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like