Most IT Pros Rank Organizational Security Above Average | eWeek

Most IT Pros Rank Organizational Security Above Average

solarwinds and IT security
Écrit par
Nathan Eddy
Nathan Eddy
Nov 19, 2014
3 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

While confidence in security is notably high among businesses, likely the result of several key factors, widespread adherence to security best practices is lacking, and significant, damaging attacks continue, potentially indicating this confidence is a false sense of security, according to a report from IT management specialist SolarWinds.

The vast majority—84 percent—of those surveyed said they consider their organizations to be very secure, falling within at least the 30th percentile of the most secure organizations, with 15 percent of those believing their organizations are in the top 10th percentile.

In addition, 87 percent said their IT departments currently have sufficient resources to keep their organizations secure.

Nearly 30 percent of respondents do not believe their organizations are a target for an attack, and another 27 percent said they feel they are at low risk of a successful attack.

In addition, 82 percent reported their organizations have experienced a significant attack, with approximately one-third of those reporting that it took at least one month to discover the attack.

“Insiders, whether malicious or accidental, as well as external attackers are obviously core threats. However, we’ve learned that the biggest threat is actually complacency,” Mav Turner, director of security for SolarWinds, told eWEEK. “People are getting the budgets they are asking for and think they are secure, but continue to suffer security incidents.

“Unfortunately, security isn’t something that’s ever finished. When it comes to securing your business, if you are focused on a single threat or attack vector, you are creating an opportunity for an attack somewhere else. Businesses need a comprehensive and layered approach to how they think about security to truly protect themselves.”

Furthermore, approximately one-third said it took at least one month to recover from an attack, getting the affected systems or applications back online and operating and mitigating the security hole.

Underscoring this is that nearly 40 percent said their organizations either do not have defined security best practices or, if they have them, do not regularly follow them.

The survey indicated that increased budget, manpower, and integration between security and other IT processes and operations, such as network and system administration, are driving this confidence in security.

For example, 74 percent of those surveyed reported their departments’ security budgets increased from last year to this year. Moreover, only 1 percent said their organizations do not have at least one staff member responsible for security, and 97 percent said they have more than one.

This increase in manpower could explain why 61 percent said they are able to test their defenses at least monthly.

Finally, 47 percent said their IT departments tightly integrate security and other IT processes and operations, while all others reported at least some level of interaction.

“Small businesses are most vulnerable because they are the most in need of a simple solution for security. They have fewer resources to keep dedicated to security,” Turner said. “So, although they will invest in it, they will not be able to invest proportional to the escalating threat capabilities of attackers. Small businesses need to find ways to minimize their attack surface by looking to partners to offload data.”

Turner said the only reason a small business should consider storing any data is if storing it is critical to their competitive advantage or unique to their business operations.

“If keeping this data is not absolutely required, don’t do it,” he said. “This will ensure that even if they are attacked, there will not be an impact to customers.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.