By Ally Kutz, contributing writer
Nearly four in five organizations experienced some kind of IT security incident in 2015, according to a new report from Spiceworks, the professional network for IT. The Battling the Big Hack study found, however, that 71 percent of IT professionals expect that their organizations will be more secure in 2016.
Your clients are facing the challenge of keeping their data secure, while technology becomes more distributed and complex. Sanjay Castelino, vice president of marketing at Spiceworks, says, “ “In reaction to these challenges, they’re being more proactive about preventing security incidents and breaches by learning about new threats, regularly educating employees about risks, and investing in more advanced security solutions.”
External security threats are forcing IT professionals to evaluate their organizations’ exposure to issues they could face in 2016. More than 50 percent of IT professionals reported malware attacks in 2015, followed by 38 percent reporting phishing and 34 percent reporting spyware incidents. 39 and 37 percent of professionals also reported concern about data theft and password breeches, respectively, but only 5 and 12 percent of organizations experienced any incidents of data theft or password breaches in 2015, respectively.
Almost 50 percent of professionals expressed concerns about individual hackers, with 36 percent worrying about rogue employees. 25 percent said they feared organized crime groups, while only 12 percent cited concern over cyber-terrorist groups or state sponsored hackers. A small 10 percent reported concern over hacktivist groups.
Another significant challenge IT professionals will face is that of internal threats. Of those surveyed, 80 percent indicated that end users represent the biggest challenge for them when it comes to IT security due to a limited understanding of security issues and resistance to security solutions or policies. Almost 50 percent of professionals feel that shadow IT, the deployment of technology by employees without approval from the IT department, poses a huge risk to their organizations.
Mobile devices are also creating huge concern, as more and more IT professionals fear that they provide less protection to end users from breaches, especially when they are accessing company data. When asked which network-connected devices and end points pose the most risk of a security breach in 2016, 81 percent answered with laptops and 73 percent with desktops, with smartphones and tablets at 70 and 62 percent, respectively. Almost 50 percent of those surveyed feel that network-connected Internet of Things (IoT) devices pose some sort of risk as well.
When asked how they plan to invest in more advanced solutions, 36 percent of IT professionals responded that they expect to increase investment in intrusion detection; 24 percent expect to increase investment in testing for penetration; and 22 percent expect to increase investment in advanced threat protection.
For more on the study and to view the full report, click here.