Announcing the Second Annual ISMS.online State of Information Security Report
Table Of Contents:
We are excited to announce the publication of our State of Information Security Report 2024! This comprehensive report, commissioned by ISMS.online and conducted by independent market research firm Censuswide, offers an in-depth analysis of the current information security and compliance landscape across the UK, USA, and Australia.
About the Research
This year, we expanded our scope beyond the UK to include 1526 respondents working in information security in the USA and Australia. Their insights have helped us uncover the significant information security and compliance challenges organisations face, the impact of AI on the landscape, and how companies drive business value and ROI from compliance.
Key Findings
Charting Today’s Risk Landscape
Business and IT leaders are facing unprecedented challenges. The persistent economic uncertainty and the need for digital transformation have expanded the digital attack surface. Managing vendor and third-party risk is the biggest challenge (38%), followed closely by securing IoT and BYOD devices (30%).
Threat Actors Are Relentless and Innovative
Cybercriminals and nation-state actors continue to exploit vulnerabilities. Over the past 12 months, 35% of respondents reported malware infections, and social engineering attacks targeted 32% of organisations. AI-powered deepfakes have also emerged as a significant threat, cited by 30% of respondents.
Data Theft Under the Radar
Data remains the most valuable commodity for organisations. Partner data (41%) was the most compromised, followed by financial data (39%) and asset data (34%). These breaches highlight the persistent risks posed by suppliers and the importance of robust data security measures.
Humans Remain a Critical Infosecurity Challenge
Employees can be both a strong defence and a weak link in cybersecurity. While 45% of respondents have focused on improving employee awareness, personal device use for work without proper security measures remains a top mistake (35%).
Supply Chains Are Creaking Under Cyber Risk Pressure
Supply chain information security risks are becoming more common, with 64% of respondents admitting to incidents in the past 12 months. Managing these risks is critical as organisations are only as strong as their weakest supplier.
AI: Part of the Problem and the Solution
While AI and ML technologies pose new security challenges, they also offer opportunities to enhance cybersecurity. Three-quarters (76%) of security professionals believe AI improves information security, and many are increasing their budgets accordingly.
Compliance Drives Business Benefits
Compliance is no longer just about avoiding fines. Organisations leverage compliance to remain competitive, protect business and customer information, and enter new markets. Enhancing business reputation, cost savings from reduced incidents, and improved decision-making quality are some of the significant returns on compliance investments.
Everything Businesses Need to Know About Information Security Today
The State of Information Security Report 2024 highlights the evolving landscape of information security and the growing importance of compliance. As digital transformation continues to expand the attack surface, robust cybersecurity measures and adherence to best practice frameworks are essential. The report provides valuable insights and practical guidance to help organisations navigate these challenges and fortify their defences.
We invite you to read the full report and gain a deeper understanding of the current state of information security. Your feedback and engagement are crucial as we work together to create a more secure digital future.
