The bad news is that 80 percent of those surveyed said their organizations experienced some kind of security incident in 2015. The good news is that this is apparently motivating companies to invest more in securing their networks. Exactly how they plan to do it varies, with the top three areas in which improvements are planned include intrusion detection, penetration testing and advanced threat protection.
Meanwhile, 73 percent are already enforcing end-user security policies and almost as many – 72 percent – are providing user education to employees aimed at spotting and avoiding malware and phishing scams.
Read more here:
http://www.eweek.com/small-business/it-pros-plan-on-improving-security-in-2016.html