This website uses cookies. By navigating around this site you consent to cookies being stored on your machine

Newsroom

BAE Systems’ research reveals 40% of U.S. executives are unsure of the cyber security measures their Companies have in place

Cyber Security
Reveals greater need for communication and deployment of cyber security best practices across industries

BAE Systems today revealed new research which shows that more than 40% of surveyed executives in the U.S. are unsure or don’t have a clear understanding of the cyber security protocols that are in place within their organization, despite 70% recognizing that data breaches are a threat to their company.  Additionally, although 70% of companies do have cyber defense training programs in place, these are only implemented once or twice a year, leaving organizations vulnerable to attacks.  

“The lack of awareness by executives on the state of their cyber security protocols and training initiatives is alarming, as it puts them at a serious disadvantage against potential attackers,” said Michael Fleishman, General Manager, Americas region at BAE Systems.  “This is a critical issue that must be addressed, as these individuals and their employees are at risk of unknowingly disseminating sensitive data to unauthorized parties both internally and externally, making their organizations, supply chains and employees susceptible to a variety of threats.

“Cyber security training needs to be more than an infrequent, ‘tick-the-box’ activity for it to have any sort of lasting impact on improving employee awareness.  Programs need to have a cognitive element to ingrain these practices into employees’ daily routines and empower them to be more engaged, increase their knowledge of bad practices and awareness of the most common threat techniques.”
 

Additional findings of the survey include:

 
  • The Rising Importance of the CSO/CISO:  CSOs and CISOs play a key role in corporate leadership, with nine out of 10 being connected to the leadership team, and half actually on the team.
  • Encryption is Key Tool:  Over 87% of the companies surveyed use some form of encryption to protect their mission critical data. Given how resource intensive encryption can be, companies need to better prioritize their most important data. Organizations should also recognize that encryption is not a ‘silver bullet’ for data protection that negates the need for other complementary techniques, endorsing a more integrated approach.
  • Anti-Virus and Firewalls Top Malware Breach Prevention:  Respondents confirmed the inclusion of fundamental technologies such as firewalls (97%), anti-virus software (95%) and/or cyber intrusion detection system (75%) as the primary methods used to prevent malware breaches.
  • Cyber Insurance Not a Priority: Only 17% of companies claim to carry some form of cyber insurance. While it doesn’t stop attacks from happening, organizations should be aware if these policies exist.  The more secure a company’s environment is, the lower its premiums will be closing the bridge between remediation and recoverable (cyber insurance) costs.
  • Cyber Security Training Remains Inconsistent: With companies conducting training on a quarterly basis or bi-annual basis (38%), there is a limited opportunity to get it right, resulting in a much larger opportunity for external and internal costly mistakes. 
  • Data Breach Threats: 85% of executives indicated that reputational damage and damage to consumer confidence were the most significant risks. 74% were concerned about legal liability and 70% cited financial damage to the company as a significant risk.  The potential impacts of the risks identified are very serious, illustrating the importance of prioritizing cyber security with the same level of diligence apportioned to new product growth or business diversification.
     

ORC International, a leader in business intelligence, conducted the online study among a sample of 300 respondents who are middle managers for companies in the Financial Services, Insurance and Tech/IT industries. 
 

END
 



For additional information, please contact

Jena Murphy
BAE Systems Applied Intelligence
Tel: (617) 235 8862
Mobile: (617) 513 0265
Email: jena.murphy@baesystems.com

Wendy Schechter
Articulate Communications
Tel: (212) 594 5504
Email: wschechter@articulatecomms.com
 

About BAE Systems

At BAE Systems, we provide some of the world’s most advanced, technology-led defence, aerospace and security solutions and employ a skilled workforce of some 83,400 people in over 40 countries. Working with customers and local partners, we develop, engineer, manufacture and support products and systems to deliver military capability, protect national security and people and keep critical information and infrastructure secure.
 

BAE Systems Applied Intelligence is a business division of BAE Systems that delivers solutions that help clients to protect and enhance their critical assets in the intelligence age. Our intelligent protection solutions combine large-scale data exploitation, ‘intelligence-grade’ security and complex services and solutions integration. We operate in four key domains of expertise: cyber security, financial crime, communications intelligence and digital transformation.

Leading enterprises and government departments use our solutions to protect and enhance their physical infrastructure, mission-critical systems, valuable intellectual property, corporate information, reputation and customer relationships, competitive advantage and financial success.

For further information about BAE Systems Applied Intelligence, please visit www.baesystems.com/ai/