Insights & Analyses

40% of companies not confident in security against cyber attacks

December 14, 2017

Identity theft makes for an easy target when companies cannot secure data, and a new poll of directors and executives has found that 40 percent of companies fall short of complete confidence in the security of their own systems.

The National Association of Corporate Directors conducted a survey of 583 directors and executives with governance duties, polling how confident they are are regarding their security against cyber attacks.

The results, as published by The Wall Street Journal show that more than a third — 37 percent — ranked their confidence levels at only “slightly” or “moderately.” Another 3 percent had no confidence in their cybersecurity at all.

The remaining 60 percent characterized their confidence levels as “very” or complete, meaning most companies polled believe their data is properly secured.

However, the number showing total confidence actually fell from 42 percent in 2016 to 37 percent this year.

And the fact that 40 percent had doubts, or a complete lack of confidence, in their company’s cybersecurity in 2017 highlights continued unease with protecting sensitive data, particularly in light of the massive Equifax identity breach, which exposed personal information of some 146 million U.S. citizens.

That Equifax security failure has spurred calls for greater government oversight, with legislators seeking to impose penalties on companies that do not adequately protect consumer data, or report breaches in a timely fashion.

The wheels are already in motion for reform in the European Union, where the General Data Protection Regulation laws go into effect next May. That change has prompted companies to invest millions of dollars toward compliance and enhanced security measures.