Professionals working in IT are marking their companies down when it comes to their ability to prevent, detect and manage the consequences of a data breach. That’s according to a detailed study on the impact of data breaches commissioned by Centrify and conducted by The Ponemon Institute.
The global study of IT professionals in the UK, the US, Germany and Australia shows that less than half of global IT professionals are confident they have the ability to prevent, detect and resolve data breaches. In the UK, however, the picture is even more damning, with 70% of IT practitioners questioned not confident in their organisations’ abilities to prevent such breaches.
More worrying is the fact that, for the majority (63%) of IT professionals, the biggest concern following a data breach is loss of their jobs, which ranks above any loss of company reputation (43%) and time needed to recover decreasing productivity (41%). This is at a juncture when the industry is trying to cope with a worldwide shortage of qualified cyber security professionals. Indeed, not-for-profit information security group ISACA predicts there will be a global shortage of some two million cyber security professionals by 2019.
According to The Ponemon Institute’s study, over half (51%) of UK IT practitioners in organisations that had suffered a data breach believe one of the most negative consequences of such an event is greater scrutiny of the capabilities of the IT Department itself. This ranks above brand and reputational damage (35%) and loss of customer trust in the organisation (35%).
40% of IT professionals who took part in the study responded that their organisation had suffered a data breach involving sensitive customer or business information in the past two years.
“Organisations need to take a smarter approach to their security needs, implementing tools that are more efficient, consolidating vendors and platforms and empowering the people within their IT Departments,” said Andy Heather, vice-president for the EMEA region at Centrify. “Now more than ever, cyber security requires C-Suite involvement to ensure the IT Department has the right tools to be successful and isn’t just left in the hot seat to take the fall.”
Heather continued: “For years now, organisations have relied on a well-defined boundary to protect their assets. They knew where the perimeters of their networks and endpoints were, and kept their important assets on the safe side. However, things have changed. Today, the world as we know it is an increasingly complex digital canvas of identities that live in and out of the enterprise, changing the perimeter of the network such that there’s no perimeter at all. Traditional security measures are failing to safeguard against breaches. To avoid financial and reputational ruin, organisations simply must now rethink their approach to security.”
*Access The Ponemon Institute’s study: https://www.centrify.com/resources/the-impact-of-data-breaches-on-reputation-and-share-value-uk/