IT pros warn of inadequate company security
Most companies do not have adequate security to deal with serious threats, a survey of IT pros has indicated.
The majority of security professionals do not believe their organisations are capable of dealing with serious threats, research has shown.
More than two-thirds of the 488 IT workers surveyed by the Ponemon Institute said their companies did not have the resources needed to deal with potentially major attacks.
Two-thirds claimed security is not considered as mission critical to their organisation's business success.
At a press event today, F-Secure's Tom Gaffney agreed not all companies take security seriously, as shown in the results.
Firms need to recognise, however, that "prevention is cheaper than the cure," he said.
Gaffney expressed concerns over whether top level executives will ever recognise how important security is.
"I am very skeptical they ever will. That is the reality we have seen already in the desktop world," he told IT PRO. "I don't think it will be just one event that will change things."
When mandatory reporting comes into UK law and firms are forced to disclose breaches, that will make "an enormous difference" to how firms manage security, Gaffney added.
A more positive result from the report, according to Vodafone's head of IT security Brian Burton, is the correlation between how the respondents said they deal with standard protection and how mobile devices are secured.
Over half of respondents rated anti-virus and anti-malware as top technologies for decent return on protection (RoP) a similar model to return on investment but based on estimates of how much companies could avoid paying for breaches, rather than actual revenue seen from investment.
A similar percentage said the mobile versions of those technologies are capable of offering a very high RoP.
"There is no real difference in how you secure information across devices," Burton said. "The perception is there that we shouldn't be treating these devices differently."
The business case for greater mobile protection is likely to gather pace after vulnerabilities in smartphone devices were recently uncovered, notably the SMS Trojan affecting Android.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now