A recently released study of 775 respondents conducted by Paradoxes Inc. for Oracle asked government policy makers and influencers, C-suite executives, and tech-savvy members of the public how they think U.S. data can be protected from increasing cybersecurity risks.
The majority of survey respondents believe that investing in security software, infrastructure, and emerging technologies is critical to protecting U.S. data to meet current and ongoing cybersecurity risks.
More than half (51%) of C-suite executives and 62 percent of policy makers said investing in IT/security infrastructure would better equip the U.S. to secure data; 59% of C-suite and 60% of policymakers also cited investing in security software. When it comes to their own security investments, 44% of C-suite executives and 33% of policymakers plan to purchase new software with enhanced security over the next two years, while and 37% and 25% respectively plan to invest in new infrastructure solutions to improve security.
Human error viewed as the top cybersecurity risk
Both C-suite executives and policymakers ranked human error as the top cybersecurity risk for their organizations and are choosing to invest more in people—via training and hiring—than in technology, such as new types of software, infrastructure, and artificial intelligence (AI) and machine learning (ML). Only 38% of C-suite executives and 26% of policymakers plan to invest in AI and ML to improve security in the next 24 months.
“We are at a critical juncture in our cybersecurity journey, as more decision makers in the public and private sector recognize the benefits of investing in next-generation technology designed for security to make progress on addressing previously intractable threats, instead of relying solely on people or legacy technology,” said Edward Screven, Chief Corporate Architect at Oracle. There is “a greater need for business and government to understand how and why next-generation technologies are so critical for their own cyber defenses.”
Queried about what their organizations had done over the past five years to improve security, both C-suite executives and policymakers said they had upgraded existing software (60% and 52%) and trained existing staff (57% and 50%). Just over half (54%) of C-suite executives and 41% of policymakers have purchased new software with enhanced security features, while 40% of C-suite executives and 27% of policymakers have invested in new infrastructure solutions.
What are the threats? Who should counter them? How can they be met?
Respondents viewed attacks by foreign governments as the greatest security threat to the technology industry, but also believe the industry is well equipped to protect data. A significant majority (79% of C-Suite executives and policymakers, 64% of the general public) trust the technology industry to behave responsibly and in the best interests of the American public as it relates to data security. But only about a third of the C-suite and policymakers think it is the government’s responsibility to protect consumer data, viewing it as an industry responsibility instead.
Only 33% of C-suite executives and 20% of policymakers adopt and implement AI and ML to its fullest potential, yet they strongly believe autonomous technologies powered by AI and ML will improve the way they protect and defend against security threats.
The full report, Security in the Age of AI, is available here.