IT Professionals Give Cyber-Security Confidence a C- Grade for 2017

According to a new study from Tenable Network Security, confidence in cyber-security has dropped in the past year, although there are some bright spots.

While the overall score globally is a C-, Tenable gives the United States a slightly better overall security score of C+, thanks in part to a high degree of confidence for security assurance.

India ranked first in the world, with an average score of 84 percent and an impressive score of 96 percent for security assurance. According to Tenable, India’s security professionals are confident in their ability to measure security effectiveness and align security to business objectives.

A core element of the Cybersecurity Assurance Report Card is the Risk Assessment Index, which measures an organization’s ability to assess cyber-security risks across 11 IT infrastructure components. For the 2017 report, Tenable found an overall decline in risk assessment scores, indicating a lower level of security confidence. Tenable suspects the decline in confidence could be due to a drop in morale as a result of near-daily data breach headlines, compounded by fatigue from the constant battle to keep pace with emerging technologies and proliferating threats.

While Risk Assessment confidence has declined, Security Assurance has remained relatively unchanged. Tenable’s Security Assurance Index defines an organization’s confidence in its ability to mitigate threats by investing in security infrastructure. Of particular note is that security professionals are increasingly confident in their ability to measure security effectiveness, measured at 83 percent for the new study, up from 81 percent in the 2016 report.

The top industry in the 2017 Global Cybersecurity Assurance Report Card was Retail, with an overall score of 76 percent. Retail industry security professionals are increasingly confident in their ability to provide security assurance.

Respondents were asked about their optimism for the future of security and their organization’s ability to defend itself against cyber-attacks. The majority of respondents (64.9 percent) were either more optimistic or significantly more optimistic.

Though the majority of cyber-security professionals in the Tenable study are optimistic about the future, they see cyber threat environment overall as very overwhelming.