Organizations reveal that with the growing intensity of cyberattacks they are losing ground to cybercriminals.
80% CISOs and CTOs suggested that concerns over inevitable security issues are a hindrance to software IT projects.
Manpower and budget are two other barriers to creating a well-rounded cyber-security strategy.
Businesses worldwide are increasingly migrating into digital form on globally interconnected technology platforms. But with it comes the threat of cyberattacks. Cyberattacks are becoming a regularity and business big and small are struggling with their capabilities in managing these attacks. Moreover, organizations reveal that with the growing intensity of cyberattacks they are losing ground to cybercriminals.
HackerOne's survey reveals that cybersecurity fears are blocking business innovation. The bug bounty and pen-testing platform interviewed 200 UK CISOs and CTOs, 80% of whom suggested that concerns over inevitable security issues are a . And 90% agreed that software vulnerabilities were a significant risk to their organization.
Organizations need to find a balance between driving innovation and keeping data safe. It is not surprising that fear around cyber security is hindering this, but by moving beyond traditional cyber security strategies, businesses can start to feel empowered.” - Laurie Mercer, Security Engineer, HackerOne
- Laurie Mercer, Security Engineer, HackerOne.
Laurie added, “When I started writing code, new releases of software would take 6 months to develop and test. Today new software is released every hour. This new pace of innovation poses a problem for security teams but, by implementing a strategy that supports continuous security, businesses can ensure they are on alert for any vulnerabilities that software might have. The key is to ensure security is constantly evolving.”
The survey laid bare the manpower and budget concerns for security professionals with 63% saying that the security team resources are not enough to keep up with the pace of development. Over a third of respondents a major barrier to creating a well-rounded cyber-security strategy.
The survey highlighted that 62% of security professionals would rather accept the risk of software vulnerabilities than invite unknown hackers to find them, despite the concerns around vulnerabilities and limited resources. 63% would accept bug submission only from vetted attackers.
A HackerOne customer, CISO of an international health and beauty retailer believes that traditional cybersecurity methods alone are not sufficient and explains that CISOs often find themselves in a tricky position with a need to adopt innovation while also remaining responsible for cybersecurity.
The security landscape is ever evolving and therefore we need to approach defensive strategies in the same way. By working with ethical hackers, it gives organizations the freedom to work on new projects, spin up new applications and try different ways of working, while at the same time there is peace of mind that continuous and on-going testing is taking place. With ethical hacking, these vulnerabilities can be fixed immediately..
- HackerOne Customer
The research that was conducted by Opinion Matters revealed answers to many questions including what are the biggest risks to the business, which areas are hindering growth, and what technology are CISOs likely to implement in eliminating these challenges.
If this trend is to continue, the larger negative economic implication would be a backlash against digitization, due to a lack of robustness in cybersecurity methods against increasing cyberattacks.