IT disaster recovery, cloud computing and information security news

Unimplemented areas of complex IT security products are putting businesses at risk: survey

Details
Published: Friday, 29 May 2015 06:51

Companies are putting their customers’ data at risk because IT teams do not have the expertise or time to deploy today’s complicated IT security products, a new survey report from Lieberman Software Corporation claims.

The survey, which was carried out at RSA Conference 2015 and measured the attitudes of nearly 170 IT security professionals, revealed that 69 percent of respondents do not feel they are using their IT security products to their full potential. As a result, a staggering 71 percent of IT professionals believe this is putting their company, and possibly customers, at risk.

When survey respondents were asked why they don’t use their IT security products to their full potential, 62 percent revealed they either found the products too complicated to deploy, too time consuming to deploy, or didn’t think they had the expertise to properly deploy them.

“As zero-day attacks and other cyber threats evolve at a steady pace, many organizations are searching for new IT security solutions to defend against the latest wave of attacks,” said Philip Lieberman, President of Lieberman Software. “Unfortunately, these organizations often discover too late that the products they purchase cannot scale to large enterprise environments, or be deployed quickly enough to provide real defense / defence. That creates a significant security deficit that leaves organizations at risk, as the findings in this survey indicate. To be effective in today’s cyber warfare environment, a security solution must have enterprise scalability, be rapidly deployed without requiring expensive or time-consuming professional services, and operate automatically and continuously – without involving direct human interaction.”

Additionally, 61 percent of survey respondents admitted that their organization has deployed a security product purely to meet regulatory compliance regulations, rather than to increase security.

“Regulatory compliance requirements drive most implementations of IT security products. However, compliance does not equal security. Despite the regulatory initiatives that most organizations are subject to, data breaches are now happening more frequently and becoming increasingly severe. There’s more to achieving real IT security than completing an auditor survey and marking a few check boxes. True security requires continuous measurement and correction in the face of the unrelenting cyber threats that compliance mandates simply fail to anticipate,” continued Lieberman.

For more information on the survey, visit http://go.liebsoft.com/2015-information-security-survey



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

Root Cause Analysis
The Impact Tolerance Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.