BYOD, Malware Among Top Issues Affecting IT Security

 
 
By Nathan Eddy  |  Posted 2014-07-24 Email Print this article Print
 
 
 
 
 
 
 
 

It's no secret that organizations worldwide face an ever-growing assortment of IT security threats—whether from outside the companies, like phishing incidents and malware attacks, or internal breaches resulting from bring-your-own-device (BYOD) initiatives or failure to follow security protocols. The United States, the United Kingdom and the German-speaking countries in Europe are experiencing an alarming number of security breaches and exhibit a diverse range of exposures, according to an IDG survey of 1,600 senior IT security and technology purchase decision-makers. The health care and financial sectors seem to be particularly susceptible to many security worries, although the report revealed that the manufacturing and education sectors are also struggling to protect themselves. The study suggests that IT professionals are still discerning where to apply tools and control integration capabilities, and the report noted interoperability could better advance prevention, diagnosis and remediation capabilities—areas with greater perceived security management challenges. eWEEK examines key data points from the study.

 
 
 
  • BYOD, Malware Among Top Issues Affecting IT Security

    by Nathan Eddy
    1 - BYOD, Malware Among Top Issues Affecting IT Security
  • Security Incidents Affect Nearly All Organizations

    Almost all (96 percent) of survey respondents said they experienced at least one significant security incident in the past year, while nearly four in 10 (39 percent) said they had experienced two significant incidents and 16 percent experienced five or more. The study also indicated infrastructure complexity impacts security management, with 40 percent of companies finding security management more difficult today than two years ago.
    2 - Security Incidents Affect Nearly All Organizations
  • BYOD Programs Poke Holes in Corporate Security

    Of the top seven areas that saw significant security violations, malware and advanced threat protection led the list, with 60 percent, followed by application security (58 percent) and wireless security. More than half (54 percent) reported a serious violation of personal mobile device use, indicating BYOD programs need to be strengthened.
    3 - BYOD Programs Poke Holes in Corporate Security
  • Firewalls, VPN Top List of Valuable Solutions

    Only a third of respondents said they were very confident when asked about the likelihood of improving their weakest IT security management areas, although 54 percent expressed some level of confidence and just 13 percent said they were not at all confident. Firewalls and virtual private networks (VPN) were considered the top solutions for integration value.
    4 - Firewalls, VPN Top List of Valuable Solutions
  • Information Security Overhead Expanding

    Problem prevention was perceived to be more challenging today than two years ago by 49 percent of all organizations across the five industry sectors surveyed, and the findings suggest many organizations will continue to place more emphasis on problem prevention and explore the means to facilitate remediation. Results also indicated that the information security management overhead is expanding rather than contracting in most organizations.
    5 - Information Security Overhead Expanding
  • Health Care, Financial Sectors See Data Leaks

    When ranked according to impact on a global basis, the health care sector was particularly affected by data leakage monitoring issues (60 percent). Although the financial industry appears to have seen fewer violations in data leakage monitoring, it recorded slightly higher-than-average data leakage incidents.
    6 - Health Care, Financial Sectors See Data Leaks
  • Health Care Also Struggles With Mobile Devices

    Respondents in the health care sector also revealed themselves to be even more immature in personal mobile device security (65 percent) and endpoint compliance discovery and remediation (62 percent), compared with the cross-industry aggregate (60 percent and 57 percent). Financial institutions, in general, had more mature security management capacity in aggregate compared with other industries.
    7 - Health Care Also Struggles With Mobile Devices
  • Education, Manufacturing Less Confident Than Finance

    Those most confident that security event-logging and monitoring tools would be improved came from the financial services industry (45 percent), with education the least certain in this respect, with just a third very confident, compared with 67 percent who were either somewhat or not confident. Those in the education and manufacturing sectors were the least sure that security measures relating to personal mobile device use would be improved.
    8 - Education, Manufacturing Less Confident Than Finance
  • Internal Security Breaches a Major Concern in U.S.

    Overall, a greater number of organizations are satisfied or overly confident with security provisions governing devices connecting to their networks that belong to their own staff; however, a sizeable proportion, particularly in the United States, fears breaches from within more than most. Compliance policy violations occurred an average of 2.6 times in the last year across all three regions, but more in the United States (3.1) than in the United Kingdom (2.5) and Germany, Austria and Switzerland (2.2).
    9 - Internal Security Breaches a Major Concern in U.S.
  • Mobile Security a Major Focus for IT

    Mobile security issues were ranked third in terms of impact significance for all global sectors, except financial services, where greater restrictions on device use are more strongly enforced. However, the survey found companies in this sector still suffered more violations due to issues with endpoint data encryption than those elsewhere.
    10 - Mobile Security a Major Focus for IT
  • BYOD Presents Myriad Security Issues

    An average of 78 percent of all respondents cited that any one of 14 popular BYOD controls referenced would have an impact on existing governance, risk and compliance (GRC). Malware prevention (82 percent), lost or stolen device data-wipe mechanisms (82 percent), appropriate user/device enrolment tools (81 percent), device usage controls (79 percent) and data encryption (79 percent) were perceived to have the most significant GRC implications.
    11 - BYOD Presents Myriad Security Issues
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel