Businesses Gain a Better Grasp of IT Security Issues | eWeek

Businesses Gain a Better Grasp of IT Security Issues

nuix and it securtiy
Écrit par
Nathan Eddy
Nathan Eddy
Dec 22, 2015
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Businesses appear to me moving toward a stronger focus on insider threats and more understanding of cyber-security issues at the board level, according to a Nuix survey of 30 IT security officials.

The report found that there’s a greater focus on insider threats since the first report was conducted in 2014, with nearly three-quarters (71 percent) of respondents reporting that they have an insider threat program or policy, and 14 percent said that they allocate 40 percent or more of their budget to insider threats.

The survey also found people to be almost universally thought of as the biggest weakness in information security, ahead of technology and processes—of the respondents that reported to have an insider threat or policy, 70 percent offer employee training to minimize risk.

“The first agenda item for businesses with limited budgets is understanding that this is not merely an IT issue,” Keith Lowry, senior vice president of business threat intelligence and analysis at Nuix, told eWEEK. “It is a risk management issue that must begin in the boardroom and C-levels. IT is extremely important, but this issue goes well beyond the typical IT departmental authorities, capabilities, experience and training.”

According to Lowry, the next agenda item to tackle is a training and awareness programs, noting training begins at the board room and C-suite, including managers and all employees.

“Proper training and awareness programs are proven, effective ways of preventing the unwitting employees from falling victims to improper cyber health habits,” he said. “It also informs those witting employees that they are being watched, thus giving them pause to continuing their plans.”

The third item is to authorize and empower a single entity within the organization with the ability to counter insider threats wherever they appear within the organization, he said.

“Too often, interdepartmental strife and competition prevent swift and agile response to threats,” Lowry said. “The best way to create, authorize and empower this entity is to engage all stakeholders in its creation, so there is agreement and understanding of the countering insider threat efforts. Member stakeholders should include general counsel, privacy, civil liberties, IT, HR, admin, operations and security, to mention a few.”

Lowry explained that organizations must prepare themselves and understand their workforce, systems, critical value data, contractors and other third-party vendors to ensure appropriate risk management decisions are made.

“In 2016 and beyond, organizations should prepare themselves to be agile enough to not merely defend against these attacks, but be smart and prepared enough to counter threats dynamically,” he said. “Organizations should look beyond compliance and static answers to these evolving threats.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.