A new report from Cornell University and FreedomPay found that stakeholders were almost universally satisfied with internal risk assessment processes (96%) and cybersecurity systems (95%), despite the reality that one in three (31%) has experienced a data breach in the past. Among companies that had suffered a breach, most (89%) had experienced multiple breaches in a single year.
Consumer-facing businesses, like retailers, restaurants, and hospitality brands, have a major gap between their leaders’ confidence in their cybersecurity postures and the realities at hand. As businesses contend with growing and more frequent threats, prevention and remediation efforts are spurring complexity. Three-quarters (74%) of companies report they use multiple cybersecurity systems, most (56%) have multiple systems spread across multiple locations, and half (49%) say these systems are governed by multiple departments.
Small merchants (57%) were significantly more likely to report governance falls under a single department, while large merchants (63%) are more likely to have multiple departments involved.
Most companies have a cybersecurity system in place for cloud security (80%), as well as network (75%), customer data (75%), and payment (74%) security. The proliferation of systems and matrixed reporting are reflective of executives’ attitudes, with many (87%) seeking leadership in the form of government intervention in the fight against cybersecurity threats.
Cornell University and FreedomPay queried 300 retail, food/beverage, and hospitality respondents identified as primary and shared decision-makers for cybersecurity product purchasing at their respective companies. All respondents came from companies with 50 or more employees and an annual revenue of $1 million or greater, including 115 respondents from companies with revenues of $250-999 million and 38 from companies with revenues of or above $1 million.
Read the full report by Cornell University and FreedomPay.