A new piece of research from SafeNet has pointed out some worrying aspects regarding business security, including the fact that the majority of organizations -- some 60 percent of them -- are not confident that their data would be secure if a hacker was to get past their network's perimeter security.
While 74 percent of the thousand IT decision makers questioned said they believed their perimeter security was effective at keeping threats at bay, 41 percent believed that unauthorized users are able to access their networks, figures which don't quite marry up.
44 percent said their company firewall had been breached, or they weren't sure if it had, which isn't exactly a comforting state of affairs.
The upshot of all this is, SafeNet notes, that while businesses are investing IT budgets in perimeter security and the front line of keeping the bad guys out -- 93 percent said their company's investment in perimeter security had stayed the same or increased -- they do so at the expense of defense in depth strategies, and measures like data encryption to ensure that if there is a breach, damage is minimized.
Two-thirds of those surveyed said they would not decrease spending on network perimeter defenses, in favor of other security measures which could give more breadth. When asked to get rid of one way in which sensitive data is protected, most respondents said they'd ditch anomaly detection (49 percent), or data encryption (24 percent), with perimeter security being held as more important (only 15 percent).
It's not too surprising, then, that the majority aren't confident about data security should an attacker get past those hallowed perimeter defenses.
Indeed, a quarter of those surveyed admitted that they wouldn't trust their own personal data to be present on their company network, a telling statistic.
Tsion Gonen, chief strategy officer, SafeNet, commented: "The research findings reveal some interesting contradictions between the perception and the reality of data security. What's worrying is that so many organizations are still putting all of their eggs in one basket when it comes to data security. Perimeter security technologies are just one layer of protection, but too many companies rely on them as the foundation of their data security strategy when, in reality, the perimeter no longer exists".
He continued: "From the sheer volume of data breaches alone, it's clear that if a cybercriminal wants to hack the system or steal data, they will find a way to do so. So companies need to focus on what matters most -- protecting the data. That means building more intelligent security strategies and using defense-in-depth with multi-factor authentication and placing security directly on the data with encryption".
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.
Aucun commentaire:
Enregistrer un commentaire