Many companies are still reluctant to spend money on cybersecurity because they see it as an additional cost - and then find that they have to spend a lot more cash to recover from a cyber incident after they have been compromised.
Cyber attacks such as ransomware, business email compromise scams (BECs) and data breaches are some of the major issues facing businesses today, but despite the high number of high profile incidents and their costly implications, many companies are still reluctant to release investment budgets. in meters cyber security which are necessary in order not to fall victim to an attack.
The cost of falling victim to a major cyber incident such as an attack ransomware can be many times more than the cost of investing in people and processes that can stop incidents from the beginning - something that many organizations only realize after it is too late.
"It is then that they realize they could have spent less if they had prevented the attack," he said. "Many organizations are dealing with this issue right now."
Even for organizations with a well-developed cybersecurity strategy, training, hiring and retaining staff can be challenging due to the high demand for employees with the required skills.
The issue of supply and demand is not going to be solved overnight, and while Wysopal believes that long-term investment in cybersecurity is vital, there are additional steps that can be taken to help more people with cybersecurity skills help. in protecting organisms from attacks.
If IT or development staff have at least some understanding of cybersecurity, this can help organizations, especially smaller ones, that may not have a large budget.
Source of information: zdnet.com