Despite the rise of ransomware and other malicious attacks, 44% of companies worldwide said they do not have an overall information security strategy, according to the 2018 Global State of Information Security Survey from PwC.
Further, 48% of the 9,500 executives surveyed across 120 countries said they do not have an employee security awareness training program, and 54% said they do not have an incident response process.
“Many organizations need to evaluate their digital risk and focus on building resilience for the inevitable,” said Sean Joyce, PwC’s US cybersecurity and privacy leader, in the report.
Cybersecurity preparedness varies widely between countries worldwide, PwC found. Nations most likely to employ an overall security strategy include Japan (72%) and Malaysia (74%). Both countries are in East Asia and the Pacific, where the World Economic Forum says cyberattacks are among the top five business risks.