Think a cyber breach won’t happen to you? Think again

Cybersecurity awareness is on the rise and organizations increasingly are looking to the government for help, but too many still don't think an IT security breach will happen to them, according to a new survey.

A report from Dell released Feb. 20 reports that while three-quarters of those polled admitted to suffering a security breach in the past year, only 37 percent ranked unknown threats as a top security concern for the next five years, and only 18 percent consider predicting and detecting unknown threats a top concern.

But unknown threats  are one of the biggest dangers to enterprise IT security, according to Paul Christman, vice president of Dell's federal sector.

"You don't think you need health insurance or life insurance, until you need it – there really is a belief of 'it won't happen to me.' But that will go away as we continue to see large-scale attacks affecting millions," Christman said. "It's not a question of if, but when, and how prepared am I going to be? By the time it happens, it's too late; you can't apply security retroactively. But there are enough IT people sounding the alarm that agencies and mission-owners are starting to see it not as an IT problem anymore, but as a business problem."

For answers, businesses and agencies are turning to the government. Nearly 90 percent of respondents believe federal agencies should be involved in determining organizations' cyber-defense strategies, and 78 percent in the U.S. say  government plays a positive role in protecting against both internal and external threats.

"Publications from the White House, NIST and other governing standards bodies at the federal level are really trickling down to commercial, state and local entities," Christman said. "It's not particular to business or mission – whether you're the IRS or a franchise tax board in California, the mission is the same. The need to protect against intrusion is the same. There's a lot of recycling of standards going on and federal leadership is being recognized."

But not everyone is a believer. Some 30 percent of respondents said they think the government is not helping at all, a result Christman called disappointing.

"The good news is the leadership is there. We would like to see more organizations taking advantage of that," he said. "Hackers don’t care whether credit card information is stored at a government agency, a hospital or a bank; it all needs to be protected, and this survey highlights this sort of ubiquitous problem."

But Christman does take heart from one of the report's other statistics: 63 percent of those polled said they are seeing increased funding for education and awareness.

"That has to be regular and consistent and happen over and over again," he said. "Education and awareness are key. We're making progress."