SailPoint has published the results of its 9th annual Market Pulse Survey which explores how enterprises are managing cyber security, amid an evolving threat landscape. This years’ Market Pulse Survey found that of the 50 percent who reported being breached in 2016, the average material impact to the business was £3.1 million ($4m). The survey also found that 35 percent of companies suffered two or more breaches in the last twelve months. Unfortunately, 3 in 5 expect to be breached during 2017, with 29 percent believing they won't even know they were breached when it happens. As a result, survey respondents are focused on mitigating their exposure points as an organization; with 65 percent seeing identity management as a foundation of their security strategy.
The SailPoint Market Pulse Survey was conducted by research firm Vanson Bourne to interview 600 senior IT decision-makers at organizations with at least 1,000 employees across Australia, France, Germany, Italy, the United Kingdom and the United States.
The report found some common areas of risk that organizations need to address:
- Documents and files may be an enterprise’s biggest downfall: unstructured data that lives outside of structured corporate systems and applications is a huge red flag for enterprises today and 41 percent aren’t sure how to manage and protect this data from theft.
- Employees need to understand – and follow – corporate security policies: over one-third of respondents (42 percent) cite trends like bring-your-own-device (BYOD) and shadow IT as great areas of risk for their organization, yet less than half have formalised corporate security policies in place. Coupled with the risks posed by continued poor password hygiene cited by 25 percent of respondents, it’s clear that enterprises need to better outline and enforce corporate security policies, company-wide.
- The contractor workforce is an enterprise blind spot: the surge in freelancers, contract workers and other third parties that make up today’s diverse workforce presents a significant challenge for organizations as it relates to managing identities and their access. 46 percent of respondents are concerned with the threat that contractors may pose to their organization, with 70 percent admitting they don’t have full visibility into the access contractors have to corporate systems and the sensitive data that lies within.