1E, the endpoint management and security company, has published ‘Getting Your House in Order’. The document contains research findings that showcase the considerable scale of security breaches and the challenges businesses still face surrounding cyber attacks. The detailed report concludes with a ten-point Action Plan for businesses compiled by cyber security expert Michael Daniel.
With digital transformation on the rise and technology massively outpacing policy, companies must take the lead when it comes to securing their estates. While cyber security has received much fanfare – with global spend predicted to exceed $1 trillion through 2021 – the biggest gaps continue to endure in plain sight.
Commissioned in partnership with Vanson Bourne, 1E’s independent study polled 600 IT decision-makers (300 from IT operations and 300 specialists in IT security) from across the UK and the US. The research discovered that over three-quarters (77%) believe that they’re not extremely well prepared to react to a serious data breach. Over half (60%) have experienced a serious security breach in the last two years (31% more than once) and eight-in-ten claim that digital transformation increases cyber risk.
Fewer than a quarter (23%) believe that the IT operations and IT security teams work together extremely well to secure the business. Nearly all (97%) believe that their organisation would benefit from better collaboration between these teams. On average, respondents have visibility of 64% of their organisation’s total software estate. Only 66% of this software is current.
Over three-quarters (77%) cite that remote working will continue to be a security concern until organisations can find a way to effectively reach, patch and secure remote workers. The majority of respondents demand an investment increase in areas such as software migration automation (80%), breach response and remediation (67%) and/or software patching (65%).
Sumir Karayi, CEO at 1E, stated: “Businesses are losing control of their estates because of fundamental issues such as the widening gap between IT operations and IT security and deferred responsibility.”
There’s also a lack of understanding of where the security focus should be. While budget can easily be allocated to the sector, Karayi observed: “CIOs have the challenge of explaining the pivotal need for areas like patching, which can feel mundane. Without this hygiene, companies must constantly defend against new vulnerabilities or risk a major breach. This creates a phenomenon called the ‘Software Arms Race’: an unabated competition between exploiters and the entire software industry. Set on a continuous loop, one creates an issue, the other builds defences.”
Experts at major companies are weighing in on these issues. Kurt De Ruwe, CIO of Signify (previously Philips Lighting) urged: “IT operations and IT security teams must work together, agree upon aims and create a shared toolset. When something does go wrong, don’t play the blame game. If you point a finger, there are usually three fingers pointing back. Use your collective energy to solve the problem instead.”
Looking wider, De Ruwe believes that new technology is an important way to better empower IT operations. “Live information is really important because viruses, phishing attacks and all these things happen from moment to moment so you need to be able to react quickly. There was a time that you could afford to wait a week or two before you had the information. Today, real-time information makes all the difference.”
*To download a full copy of the survey results visit: https://www.1e.com/getting-your-house-in-order/