A new piece of research has raised further worries about data breaches, and specifically, the perception gap between the number of businesses who believe they’ve experienced a breach, and the actual numbers of data breaches occurring.
The research in question is the new Breach Confidence Index from Ilex International, an identity and access management company, which is based on a survey by YouGov that questioned just over 500 IT decision-makers in the UK.
It found a rather misplaced high level of confidence regarding breaches, with 24 percent of those questioned saying they were very confident their organization is protected against a possible breach, and a whopping 59 percent saying they were fairly confident.
In other words, there’s a good level of confidence from 84 percent of businesses in terms of their defenses, which obviously isn’t a realistic figure given the amount of breaches that occur.
Of course, as Ilex pointed out, some firms may not even realize they’ve been the victim of a hack. Half of respondents -- 49 per cent -- said their organization hasn’t been hit by a security breach, yet when you compare that to the actual statistics there is a major disconnect.
The IT decision-makers surveyed were also asked what the most common weaknesses were that resulted in a security breach, and the foremost issue was, unsurprisingly, malware vulnerabilities which were responsible for 22 percent of breaches.
Email security was only just behind that, though, on 21 percent, with employee education (i.e. bad practices or user error from staff) in third place at 15 percent.
Cloud apps were next at 12 percent, also tied with insider threats (malicious actions from staff) on the same percentage.
Thierry Bettini, director of International Strategy at Ilex, commented: "It’s important that businesses come to terms with the reality of data security breaches. If they don’t think they have been targeted yet, they will be and need to be prepared. As technology evolves and brings new security risks, businesses should be doing all they can to educate employees on security best practices and tighten access to sensitive data".
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.
Image Credit: Sergey Nivens / Shutterstock
Aucun commentaire:
Enregistrer un commentaire