I know, in reading the headline it seems obvious doesn’t it? But that’s just it. Sometimes the obvious isn’t so obvious. It seems that many businesses believe they are protected because they have a security person, IT supports that person, they have firewalls, they get an annual penetration test, and they “fix” things the test finds. Sounds about right?
In the recently published Part II of the Enterprise Strategy Group (ESG) and the ISSA (Information Systems Security Association) “Through the Eyes of Cyber Security Professionals” report, it was uncovered that many businesses put themselves at risk because they don’t have enough staff, and the staff they do have aren’t getting the right training and support they need to protect the organization.