Because of the increasing frequency and severity of cyberattacks against organizations, a majority of information technology experts are suggesting they do not feel confident in their leadership's ability to leverage intelligence that can predict a cybervulnerability, and effectively combat any potential threats.

According to a new survey commissioned by Lockheed Martin, a majority of respondents noted that they're seeing an increase in the severity and frequency of cyberattacks, and they said they feared they don't have the budget or additional expert personnel available to address these threats.

Guy Delp, director of cybersecurity and advanced analytics for Lockheed Martin, said the results collected and shared through the data suggest bigger and ongoing issues related to cybersecurity.

"This survey illuminates areas of concern about cyber-readiness across government and critical infrastructure industries," Delp said. "The results highlight that the challenges in this domain are universal across both industry and government, and, therefore, our response needs to be equally holistic."

Lockheed Martin's survey also discovered some other findings, including:

  • Organizations are relying on "intuition," rather than intelligence, to assess their security levels: Business and government respondents who felt that they were not presently being targeted for attack relied on their intuition (35 percent) or logical deduction (33 percent) rather than data or intelligence (32 percent) to justify their beliefs.
  • Whether malicious or negligent, insiders continue to be among the greatest perceived cyberthreats: 36 percent of respondents said negligent insiders were the most significant network vulnerability facing their organization, and more than half (53 percent) ranked malicious insiders in their top four threats.
  • The most serious risks do not receive the most budget: The top two factors impacting an organization's cybersecurity posture — employee awareness and supply chain security receive only 4 and 15 percent of cybersecurity budgets, respectively. Top budget items, such as mobile and cloud security, are both perceived to be lower threat levels.

"Compliance was rated the top cybersecurity business priority by the survey respondents," Delp said. "Though somewhat surprising, it is a tell-tale sign that organizations feel the pressure to meet industry security compliance requirements. While satisfying compliance standards is important, organizations should view it as a foundation on which to build a more comprehensive security posture."

The Lockheed Martin Intelligence-Driven Defense survey was conducted in November by the Ponemon Institute. The survey connected with 678 U.S.-based senior IT practitioners from a variety of sectors, including financial services, the federal government, healthcare, utilities, energy, pharmaceuticals and chemicals.