eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
2Security Incidents Affect Nearly All Organizations
Almost all (96 percent) of survey respondents said they experienced at least one significant security incident in the past year, while nearly four in 10 (39 percent) said they had experienced two significant incidents and 16 percent experienced five or more. The study also indicated infrastructure complexity impacts security management, with 40 percent of companies finding security management more difficult today than two years ago.
3BYOD Programs Poke Holes in Corporate Security
Of the top seven areas that saw significant security violations, malware and advanced threat protection led the list, with 60 percent, followed by application security (58 percent) and wireless security. More than half (54 percent) reported a serious violation of personal mobile device use, indicating BYOD programs need to be strengthened.
4Firewalls, VPN Top List of Valuable Solutions
Only a third of respondents said they were very confident when asked about the likelihood of improving their weakest IT security management areas, although 54 percent expressed some level of confidence and just 13 percent said they were not at all confident. Firewalls and virtual private networks (VPN) were considered the top solutions for integration value.
5Information Security Overhead Expanding
Problem prevention was perceived to be more challenging today than two years ago by 49 percent of all organizations across the five industry sectors surveyed, and the findings suggest many organizations will continue to place more emphasis on problem prevention and explore the means to facilitate remediation. Results also indicated that the information security management overhead is expanding rather than contracting in most organizations.
6Health Care, Financial Sectors See Data Leaks
When ranked according to impact on a global basis, the health care sector was particularly affected by data leakage monitoring issues (60 percent). Although the financial industry appears to have seen fewer violations in data leakage monitoring, it recorded slightly higher-than-average data leakage incidents.
7Health Care Also Struggles With Mobile Devices
Respondents in the health care sector also revealed themselves to be even more immature in personal mobile device security (65 percent) and endpoint compliance discovery and remediation (62 percent), compared with the cross-industry aggregate (60 percent and 57 percent). Financial institutions, in general, had more mature security management capacity in aggregate compared with other industries.
8Education, Manufacturing Less Confident Than Finance
Those most confident that security event-logging and monitoring tools would be improved came from the financial services industry (45 percent), with education the least certain in this respect, with just a third very confident, compared with 67 percent who were either somewhat or not confident. Those in the education and manufacturing sectors were the least sure that security measures relating to personal mobile device use would be improved.
9Internal Security Breaches a Major Concern in U.S.
Overall, a greater number of organizations are satisfied or overly confident with security provisions governing devices connecting to their networks that belong to their own staff; however, a sizeable proportion, particularly in the United States, fears breaches from within more than most. Compliance policy violations occurred an average of 2.6 times in the last year across all three regions, but more in the United States (3.1) than in the United Kingdom (2.5) and Germany, Austria and Switzerland (2.2).
10Mobile Security a Major Focus for IT
Mobile security issues were ranked third in terms of impact significance for all global sectors, except financial services, where greater restrictions on device use are more strongly enforced. However, the survey found companies in this sector still suffered more violations due to issues with endpoint data encryption than those elsewhere.
11BYOD Presents Myriad Security Issues
An average of 78 percent of all respondents cited that any one of 14 popular BYOD controls referenced would have an impact on existing governance, risk and compliance (GRC). Malware prevention (82 percent), lost or stolen device data-wipe mechanisms (82 percent), appropriate user/device enrolment tools (81 percent), device usage controls (79 percent) and data encryption (79 percent) were perceived to have the most significant GRC implications.