Sony Pictures CEO Michael Lynton says he was advised that 90 percent of American businesses would have fallen victim to the cyberattack that has left his company doubled over.
And in a recent survey of senior security officials, IBM reported that approximately 60 percent of the respondents stated they believe their companies weren't prepared to face a cyberattack.
IBM surveyed the most senior officers on the security staffs of 138 organizations. While many of the chief information security officers (CISO) stated that their organizations were taking steps to improve their systems, the protection that's in place right now is deficient, they said.
While many of the CISOs stated their organization's defenses are vulnerable to the most sophisticated malware in circulation, they indicated that their companies networks are still formidable. Approximately 70 percent of the study's respondents said their organization's defenses are "mature" and "traditional," focusing on network intrusion prevention, advanced malware detection and network vulnerability scanning.
About 40 percent of the CISOs stated that their biggest challenge is shoring up their organization's defenses to fend off the most sophisticated of cybersecurity threats. Roughly 15 percent of the respondents pointed to regulations as their toughest challenge, a figure that could drop off even more as businesses develop a healthy fear of how devastating and costly cyberattacks can be to them.
The increasing costs of mitigating the damages and losses from cyberattacks have helped organizations realize the importance of CISOs. And senior security officials are finally starting to take their seats in boardrooms, says Brendan Hannigan, general manager of IBM Security.
"Security leaders must now use this growing influence to deliver better results: prioritizing the protection of critical assets, focusing investments on intelligence and recruiting top industry talent to augment internal efforts," says Hannigan.
While Hannigan says organizations must focus on intelligence as part of their strategies for combating cybercrimes, Sony Pictures CEO said his company was given bad intel in June of last summer when it consulted with third parties on its decision to produce The Interview after Sony Pictures first realized there was a problem with North Korea.
Censorship of The Interview, which centers around a plot to assassinate North Korea's despot, is believed to be the motivation behind the massive attack launched against Sony Pictures. In a CNN interview, Lyton said his company took the subsequent threats seriously.
"We went to the people who we thought were most expert in the area, people in the U.S. government, people in various think tanks, and inquired as to whether or not this would be a problem. And they told us that it wasn't," stated Lynton.