IT security practitioners are less than confident about the capabilities of their enterprise to defend against cyberattacks, according to Tenable Network Security.
In its global study of IT security professionals, the US-based network security company found that two in five respondents feel "about the same" or "more pessimistic" about their firm's ability to fend off hackers compared to last year.
Ron Gula, CEO of Tenable Network Security, said that the '2016 Global Cybersecurity Assurance Report Card' suggests that security pros feel overwhelmed by the increasingly complex threat environment, with more than 20% of respondents unable to say with any certainty that they are able to assess and mitigate cybersecurity risks.
Cloud applications, cloud infrastructure and mobile devices were cited as the three most challenging IT components for assessing cybersecurity risks.
The response from the security practitioners in six countries and seven industry verticals led Tenable Network Security to donate a "C" grade in indexes measuring risk and security assessments. Of the seven industries put under the spotlight, government and education earned the lowest scores (D) and the financial services segment earned the highest (B-).
"What this tells me is that while security innovations solve specific new challenges, practitioners are struggling to effectively deploy an overarching security strategy without gaps between defences," commented Gula.
He added that a number of recent high-profile attacks have shaken the confidence of security pros and urged businesses to go about restoring that some poise.
"With so much at stake, organizations need to know whether their security programs are effective or if they are falling short," he stressed.
The study also revealed a "disconnect between the CISO and the boardroom", with many security professionals unsure whether their executives and board members comprehend security risks and are investing enough to mitigate them.