Enterprises spend more than $70 billion dollars annually on information security. But a survey of top security experts revealed that there is a gap between the threats most feared by the experts and what management focuses on.
The survey taken at the Black Hat USA 2015 security convention revealed that 57% of those survey feared direct targeted attacks against their companies. 46% fear social engineering attacks also know as phishing. When asked what the security spend most of their work day dealing with, there was a significant disparity. Vulnerabilities introduced by their own development team, phishing and vulnerabilities in purchased software.
73% of those survey said they will likely have to respond to a serious security breach in the next year. It seems such threats continue as there is a lack of funding and expertise for information security.
Read the survey in more detail here.