'Half of IT experts don't change security strategy after cyber attacks'

Nearly half of the IT security professionals, 46 per cent, failed to change their security strategy substantially even after experiencing a cyber-attack, according to the information by the security company, CyberArk.

This level of cybersecurity inertia and failure to learn from past incidents puts sensitive data, infrastructure, and assets at risk, CyberArk's "Global Advanced Threat Landscape Report" 2018, said this week.

Over 46 per cent respondents said their organisation can't prevent attackers from breaking into internal networks each time it is attempted while 36 per cent reported that administrative credentials were stored in Word or Excel documents on company PCs.

Meanwhile, 50 per cent admitted that their customers' privacy or personally identifiable information (PII) could be at risk because their data is not secured beyond the legally-required basics.