Corporate management is in denial. Despite Ponemon findings that an average breach costs a company $5.4 million, most company leaders (79%) do not equate a security breach with losing money. In fact, the recent study on Exposing the Cybersecurity Cracks paints a picture of management trying to avoid the truth while IT professionals become more and more frustrated fighting a losing battle against attackers.
There are a number of reasons why IT professionals are so frustrated. Of the 609 IT professionals questioned in the U.S., 63% claim they can’t stop confidential information from leaving their networks. This is because most (69%) say that their security protection systems just aren’t good enough. Frustration probably sets in when they know what they need to protect their networks but can’t seem to persuade management that important upgrades are necessary, especially when management doesn’t seem all that worried about breaches.
IT professionals are also frustrated by the massive increase in the number and variety of attacks. They find themselves overwhelmed. Less than half (47%) believed they have a clear understanding of the threat landscape facing their companies. And even if they did, they lack the tools to fight these threats. Only 26% say that they can adequately protect their company. It’s sort of like fighting an army of tanks with sticks and stones. Among those whose companies had lost sensitive data, few (29%) had any idea what exactly they had lost. In such an environment, it is no surprise that the report concludes that “many security professionals have sleepless nights due to the sophistication of today’s threats.”
The report offers a few suggestions. Unsurprisingly, it suggests that companies invest more money in security, but such investments should be informed. Simply buying a large number of security solutions isn’t going to solve the problem. All points in a network should have some form of defense. Don’t expect a ‘one-size-fits-all’ solution. Investment should be in security that provides details of the attack so that future actions can be taken to secure a network. Finally, and, perhaps, most importantly given the number of attacks that begin with phishing attacks, employees need to be educated in security so that they can be active participants in it. In the end, one gets the idea that, if companies can inspire their employees to think of security as a team effort, they may be able to withstand more attacks. Of course, in order to do this, companies need management that puts security as a top priority because, if they don’t believe in this, there is no way they can inspire their employees to change their behavior.
All IT professionals know that mobile device endpoints are the weakest part of a network. Why not take this worry out of the security picture? InZero Systems’ architecture separates any mobile device into two separate devices. This hardware-based separation enables the user to have a personal and a work device in one. Anything the user does, no matter how irresponsible, cannot cross the barrier into the work side of the device. Your important company data is secure and your IT workers can have fewer sleepless nights.