2016 Cybersecurity Snapshot 


ISACA’s January 2016 Cybersecurity Snapshot looks at cybersecurity issues facing organizations this month and beyond—from reactions to new cybersecurity legislation, to insights on information sharing and top cyber threats.

Among the key findings from nearly 3,000 IT and cybersecurity professionals worldwide:

  • The top three cyberthreat concerns for 2016 are social engineering, insider threats and advanced persistent threats (APTs).
  • 84 percent of respondents believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year.
  • 72 percent of respondents say they are in favor of the US Cybersecurity Act, but only 46% say their organizations would voluntarily participate in cyber threat information sharing, as outlined in the Act.

See the full results and related insights from cybersecurity experts below.

Blog Posts

Christos DimitriadisCybersecurity Snapshot: Cyberthreats, Regulations, Workforce Issues in 2016
The dynamic world of cybersecurity continued its rapid pace of change in 2015, creating new challenges and opportunities for ISACA.... Read more

Montana WilliamsCybersecurity Information Sharing Enacted in the US
The number and severity of cyber threats in the United States are on the rise, and a new voluntary program... Read more

survey results

Cybersecurity Snapshot

View News Release


Join the conversation on Twitter: #CyberSnapshot
Follow ISACA on Twitter.

Cybersecurity and the US State of the Union: Expert Insights

 Christos K. Dimitriadis
Christos K. Dimitriadis, Ph.D., CISA, CISM, CRISC
International President of ISACA and group director of Information Security for INTRALOT

"The Cybersecurity Snapshot shows that the professionals on the front lines of the cyberthreat battle recognize the value of information-sharing among consumers, businesses and government, but also know the challenges associated with doing so.

Cybersecurity has become a high-stakes, boardroom-level issue that can have crippling consequences for any C-suite executive who lacks knowledge about the issues and risks.

Strong public-private collaboration and ongoing knowledge-sharing are needed to safeguard our organizations from cybercriminals."

 Garry Barnes
International Vice President of ISACA and Practice Lead, Governance Advisory at Vital Interacts

"In the last 12 months, we have seen large-scale data losses and service outages at major corporations. Increasingly, organisations are seeking guidance on cybersecurity, and are being asked by their boards of directors and customers on the quality of their security program. We have seen governments worldwide grapple with the multiple challenges of cyber crime, defending national interests, building cybersecurity capabilities and sharing intelligence. And, we see constant debate about the erosion of privacy, while each of us willingly (or unknowingly) divulge more and more of our personal information through social media.

There is no denying the growing role of technology in society today. With that comes a pressing need for more cybersecurity expertise to help conquer today’s challenges and to build tomorrow’s secure solutions. These skills are in demand but the supply falls short.

The findings from this survey are another reminder of the challenges we face and the important role ISACA plays in closing the gap in cybersecurity skills.”

 Eddie Schwartz
International Vice President of ISACA and president and COO of WhiteOps

“Generally, over the past 15 years, security professionals have sought vehicles for greater information sharing within industry sectors, across industries, and across the public and private sectors.

Historically, organizations only have been willing to share information when certain important conditions are met, such as: explicit release from downstream liability associated with the data sharing; protection of the data from use by unauthorized parties, such as criminals or other cyber adversaries; anonymity; and actionability through a taxonomy that can be technology enabled.

So, aspects of CISA that incentivize and reduce the legal or regulatory liability associated with threat information sharing will be welcome.”