Around eight in every 10 cybersecurity executives admit their company has been compromised by a cyberattack in the past 24 months, according to a new KPMG report.
In a survey of 403 CIO, CISO and CTOs working in the retail, automotive, banking and technology industries, it was found that 81% had experienced some form of cyberattack. Most security breaches were found in the retail sector (89%), followed by automotive (85%), then banking and technology (76%).
Less than half of executives said their company had invested in information security in the past year
However, despite the prevalence of cybercrime in these industries, less than half (49%) of the same executives said their company had invested in information security in the past year. In the automotive industry, just 32% of executives said they had invested in this area, while banks (66%) and technology (62%) were the most proactive.
"Cyberattacks are affecting nearly every single company we encounter, but we're not seeing those attacks drive enough proactive business action as evidenced by the rate of investment made in information security," said Greg Bell, KPMG Cyber US Leader.
"We're still seeing companies taking a passive or reactive approach toward cybersecurity, when in fact cyber should be a top-line business issue thought about and practiced company-wide."
The survey found that just 69% of companies employ an executive whose sole responsibility is information security – although the figure does vary between industries. Some 85% of banking and technology companies employ a leader responsible for only security, while the same is true of just 45% of automotive companies.
The prevalence of cyberattacks in major companies is alarming, but not surprising. As previously reported by WeLiveSecurity, as many as 90% of large businesses in the UK admitted to suffering some kind of recent data breach.
The latest figures by KPMG tell a familiar story, further stressing the importance that businesses across all industries invest accordingly.