Even though organizations have invested in security solutions, nearly half of them have had a breach in the last twelve months.  When reviewing a recent global survey by the Ponemon Institute, it becomes clear why businesses still find themselves at risk.

 

According to the Ponemon Institute’s global survey, 83% of businesses around the world believe they are most at risk because of organizational complexities.  Some of the challenges they listed include the following:

  • 75% of organizations are not fully prepared to deal with potential security risks resulting from IoT.
  • 74% of organizations find they need a new IT security framework to improve their security posture and reduce risk.
  • 69% of organizations find that some of their existing security solutions are outdated and inadequate.

 

Add to this, findings from the study that indicate that employees don’t follow corporate security requirements because they are too difficult to be productive and because policies hinder their ability to work in their preferred manner (which is why shadow IT is on the rise, employees want easier ways to get their work done).

 

Furthermore, 87% of organizations find data assets are increasing, putting more information at risk since employees are putting that data on their devices.  This means key corporate information is available on any laptop, phone or tablet; in or outside of the office.

 

When it comes to some of the things IT pros are concerned about the study reveals that:

  • 79% of IT pros worry about security breaches involving high-valued information.
  • Protection of apps and data is more critical than ever, with 71% of IT pros saying there is risk from their inability to control employees’ devices and apps.

 

As for what organizations find to be the keys to reducing security risks over the next two years in building a new IT infrastructure IT pros listed:

  • data management (73% of IT pros)
  • configuration management (76% of IT pros)
  • app management (72% IT pros)

 

While the study’s findings are encouraging, since it’s obvious that security is something organizations want to become active in implementing in the next two years, the thought process of how they’re treating security is still much like that of a patch solution.

 

You can’t fix app security risks without addressing insider threat, such as employees’ disregard of policies and procedures; nor can you implement policies that make it harder for employees to get work done.  Organizations need a security solution that fits their needs all around.

 

Since security involves more than one component (and requires them to work together as a process that flows), the only way organizations are going to get anywhere with security is to approach it holistically.  This means involving technology, process and people.  When all the pieces of security work together and become a part of the business process flow too, it will become second nature for businesses to keep up the pace with their security risks.

 

How far along is your new IT security framework?  Let’s talk about your needs to make sure your set up really gets you where you need to be to stay in business and defend against risks.

 
Schedule your free IT security consultation today!

 

Photo Courtesy of Dusit