Tech Companies Preparing for When, Not If, Cyber Attacks Occur: Survey

According to the results of a survey conducted by Silicon Valley Bank, the majority of technology and healthcare companies view cyber security as a serious threat to both their data and business continuity, and just over one-third are completely confident in the security of their information in a survey of more than 200 technology company executives.

The full report, “Cyber Security Impact on Innovation,” was part of a discussion led by Silicon Valley Bank between Silicon Valley-based CEOs and Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator. On September 20, the group discussed the impact of cyber security threats and attacks on growing and established technology companies.

Overall, companies express confidence in the security of their information, the report said, but only 35% are completely/very confident, while 57% are moderately confident.

Furthermore, survey respondents much less confident about the security measures taken by their critical business partners, including vendors, distributors and customers, with only 16% saying they were completely/very confident.

“The survey shows us the threat of a cyber attack is not just hype. A surprising number of technology companies we heard from say the threat to their IP and their business is very serious,” said Bob Curley, Managing Director of corporate finance for Silicon Valley Bank. “Companies in the tech sector, particularly software companies, are feeling exposed, and increasingly having to expend resources to manage cyber attacks, rather than investing in the growth of their business. That’s a huge impact on a growing company, and eventually the economy overall.”

Resources Focus on When, Not if, Attack Occurs

Nearly all (98 percent) of companies are maintaining or increasing their cyber security resources and of those, half are increasing resources devoted to online attacks this year. Resources are most likely to be invested in monitoring, preventative policies, training and staffing rather than in preventative infrastructure, indicating they are planning for when, not if, they are attacked.

The report also found that while most respondents were “moderately confident” in the security of their information, they were less confident in their partners’, vendors’ and clients’ security measures. Most respondents said they are storing their data privately, showing a lower interest in storing their information in the public cloud. Software companies were the exception with 59% using the public cloud, versus more private behavior by hardware, healthcare and cleantech companies.

Forty-six percent of companies, whose main offering is not security, include cyber security functionality in their product and 8% more plan to add a cyber security component to their core offering.

The survey was completed by 216 C-level tech and healthcare executives, 65% of whom were President/CEO.

The full report with the results of the findings is available here. 

Related Insight: Where and How am I at Risk in Today’s Cyber Environments?