Survey finds organizations are still unprepared for inevitable cyber attacks

By on 24/06/2015 | Updated on 04/02/2022

Most organizations (67%) are facing rising threats in their information security risk environment, but over a third (37%) have no real-time insight on cyber risks necessary to combat these threats. This is one of the topline findings of EY’s annual Global Information Security survey, Get Ahead of Cybercrime, which this year surveys 1,825 organizations in 60 countries.


  • Over a third (37%) of organizations have no real-time insight on cyber risks, lacking agility. They also lack budget and skills to combat rising cybercrime
  • #1 vulnerability to cybercrime revealed as careless or unaware employees, while #1 threat is the theft of financial information
  • Organizations need to be in a constant state of readiness, anticipating where new threats may arise

Organisations are lacking the agility, the budget and the skills to mitigate known vulnerabilities and successfully prepare for and address cybersecurity. Forty-three percent of respondents say that their organization’s total information security budget will stay approximately the same in the coming 12 months despite increasing threats, which is only a marginal improvement to 2013 when 46% said budgets would not change.

Over half (53%) say that a lack of skilled resources is one of the main obstacles challenging their information security program and only 5% of responding organisations have a threat intelligence team with dedicated analysts. These figures also represent no material difference to 2013, when 50% highlighted a lack of skilled resources and 4% said they had a threat intelligence team with dedicated analysts.

”Careless or unaware employees” is revealed as the number one vulnerability companies face, with 38% of respondents saying it is their first priority, and ”outdated information security controls or architecture” and “cloud computing use” are second and third respectively (35% and 17%). ”Stealing financial information,” “disrupting or defacing the organization” and “stealing intellectual property or data” are the top three threats (28%, 25% and 20% respectively say it is their first priority).

This year’s survey finds that organizations need to do a better job of anticipating attacks in an environment where it is no longer possible to prevent all cyber breaches, and where threats come from ever more resourceful and well-funded sources.

Complete the form below to download a free copy of the report.

    EY Global Information Security Survey 2014 Report Download

    Most organizations (67%) are facing rising threats in their information security risk environment, but over a third (37%) have no real-time insight on cyber risks necessary to combat these threats. This is one of the topline findings of EY’s annual Global Information Security survey, Get Ahead of Cybercrime, which this year surveys 1,825 organizations in 60 countries.

    Complete the form below to download a free copy of the report

    Full Name (required)

    Job title (required)

    Department (required)

    Organisation (required)

    Country (required)

    Email (required)

    Telephone (required)

    About Partner Content

    This content is brought to you by a Global Government Forum, Knowledge Partner.

    Leave a Reply

    Your email address will not be published. Required fields are marked *