Most IT professionals not confident in their company’s ability to prevent data breaches
Professionals working in IT are marking their companies down when it comes to their ability to prevent, detect and manage the consequences of a data breach, according to a Ponemon report on the impact of data breaches commissioned by Centrify, the leader in securing hybrid enterprises through the power of identity services.
The global study of IT professionals in the UK, US, Germany and Australia, shows that less than half of global IT professionals are confident they have the ability to prevent, detect and resolve data breaches. In the UK, however, the picture is even more damning, with 70 per cent of IT practitioners not confident in their ability to prevent breaches.
More worrying is the fact that for the majority (63%) of IT professionals, the biggest concern following a data breach is loss of their jobs, which ranks above loss of company reputation (43%) and time to recover decreasing productivity (41%). This is at a time when the industry is trying to cope with a worldwide shortage of qualified cybersecurity professionals. Non-profit information security group ISACA predicts there will be a global shortage of two million cybersecurity professionals by 2019.
According to the study, over half (51%) of UK IT practitioners in organisations that had suffered a data breach believe that one of the most negative consequences of a data breach is greater scrutiny of the capabilities of the IT department. This ranks above brand and reputational damage (35%) and loss of customer trust in the organisation (35%).
Forty per cent of IT professionals who took part in the study said their organisation had suffered a data breach involving sensitive customer or business information in the past two years.
“Organisations need to take a smarter approach to their security needs, implementing tools that are more efficient, consolidating vendors and platforms, and empowering the people within their IT departments,” says Andy Heather, VP EMEA at Centrify. “Now more than ever, cybersecurity requires C-suite involvement to ensure its IT department has the right tools to be successful and not just left on the hot seat to take the fall.
“For years now, organisations have relied on a well-defined boundary to protect their assets. They knew where the perimeters of their networks and endpoints were, and kept their important assets on the safe side. But things have changed. Today, the world as we know it is an increasingly complex digital canvas of identities that live in and out of the enterprise, changing the perimeter of the network — to no perimeter at all. Traditional security measures are failing to safeguard against breaches. To avoid financial and reputational ruin, organisations must now rethink their approach to security.”