Survey respondents were asked which security event had a greater impact on their budget and executive security awareness of cybersecurity: Target's data breach, the Snowden leaks or the increase in targeted threats.
Key findings include:
• 42 percent said the Target breach had a greater impact on their security budgets.
• 31 percent said the Target breach had a greater influence on their executives’ security awareness.
• 22 percent said targeted threats had a greater impact on their security budget.
These results represent a significant drop in awareness since the same questions were asked at RSA 2014. At that time, 52 percent of respondents said the Target breach had a greater impact on their security budgets, and 56 percent said the Target breach had a greater impact on executive awareness.
“We all tend to be swayed by the most recent information security events,” said Dwayne Melancon, chief technology officer for Tripwire. “The responses to this survey are consistent with that behavior, and it’s a reminder that we all tend to relax our vigilance and become complacent over time. Instead of focusing on the latest breach headlines, I recommend that each organization focus on the equivalent of the Target breach for their specific business. This approach helps to focus resources on events that would inflict the most brand and customer damage.”