While retail and consumer (R&C) executives are spending less on security due to insufficient capital, cyber crime incidents across the R&C industry are on the rise, according to findings from PwC’s new report, “R&C Insights: Confidence and progress.” The report surveyed nearly 1000 senior industry executives from the R&C industry and concluded that companies must ramp up their readiness efforts and consider not only cyber threats of the past, but also their present risk as well as potential future threats.
Nearly three quarters (72%) of respondents said they are either very confident (35%) or somewhat confident (37%) that their information security practices are effective; however, according to PwC, companies may be developing a false sense of security as the number of cyber crime incidents continues to rise.
PwC suggests that executives consider the security impact of new technologies, such as advanced persistent threats (APT), and employee use of personal technology within the enterprise, as nearly half of the industry has not yet started to put new technology capabilities in place.
Among key findings, PwC found that companies have been more reluctant to spend on security priorities than in previous years, citing insufficient capital and operating expenditures as the leading obstacles to the effectiveness of their information security strategy. Furthermore, confidence remains high, but it has declined 13 points since 2007.
Other key findings include:
• 75 percent of respondents were able to provide details about their security breaches while less than half of respondents could do so in previous years, reflecting more awareness of security issues among R&C executives.
• 48 percent of respondents are confident that security spending will increase anywhere from 10 percent to 30 percent or more within the next year.
• 34 percent of respondents are implementing strategies to keep pace with employee use of personal electronic devices.
• 54 percent of respondents say that cloud computing has improved their information security.
• 86 percent of respondents say their organization’s security policy does not address APT.
"R&C Insights: Confidence and Progress” includes retail and consumer industry insights based on findings from PwC's 2012 Global State of Information Security Survey (GISS).