While most organisations are doing things right cyber security wise, recent research has revealed that a number of 'bad habits persist'.
Global cyber security company CyberArk recently conducted the survey titled: Cyber Security: Past, Present - Future.
The research was taken with 750 IT and IT security decision makers around the world. Respondents from Singapore, Australia, New Zealand and other countries around the world took part in the survey.
According to CyberArk, while 82% of respondents believe the IT security industry is making progress against cyber attacks, those gains are undercut by a number of bad security practices in critical areas.
Another finding made by the security company was that 79% of respondents had learned lessons from major cyber attacks and have since taken appropriate action to improve security.
67% also now believe their CEO/board of directors provide an adequate amount of cyber security leadership, which is up from 57 percent in 2015.
CyberArk found that nearly half of organisations allow third-party vendors (such as supply chain and IT management firms) remote access to their internal networks.
John Worrall, CMO of CyberArk, says this year's findings demonstrate that cyber security awareness doesn't always equate to being secure. “Organisations undermine their own efforts by failing to enforce well-known security best practices around potential vulnerabilities associated with privileged accounts, third-party vendor access and data stored in the cloud,” he says.
“There's a fine line between preparedness and overconfidence. The majority of cyber attacks are a result of poor security hygiene -organisations can't lose sight of the broader security picture while trying to secure against the threat du jour.