Poll: Data Loss Is Top Corporate Security Threat
CDW LLC recently announced the results of its IT Threat Prevention Straw Poll, based on a survey of 200 IT security managers and decision makers at medium and large businesses across the United States.
The survey investigated their impressions of IT security threats and the measures businesses are taking to prevent or mitigate them. Among all current IT threats, 37 percent of business IT security managers believe that data loss from internal threats, negligence and/or accidents (e.g., loss of devices) will be their next major security issue. In second place, 24 percent of respondents view evolved forms of current threats (e.g., breaches, viruses or worms) as their biggest threat, followed by malicious attacks or targeted intrusions (18 percent), and autonomous or untargeted robotic networks (botnets) (14 percent).
“The survey confirms that IT management loses the most sleep over human error or malice,” said Doug Eckrote, CDW’s senior vice president, strategic solutions and services. “Yet, it is troubling to see so many organizations still struggling with preventable threats such as viruses and worms, when the stakes are so much higher from the risks that newer threats pose.”
Regardless of which threat worries them most, only 17 percent of participants say that nothing at all would convince their companies to invest in higher levels of threat prevention, and 18 percent say that only a significant breach of their systems would compel an escalation in security investment. However, showing optimism that their executive management understands the business risks, 39 percent of respondents believe that a specific assessment pointing out vulnerabilities in their current IT security systems would lead to an increased investment in network protection.
The survey found that businesses concerned primarily about evolved forms of current, preventable threats tend to be smaller than those concerned with other threats and have less support or understanding of IT security risks among their executive management. Nearly half (41 percent) of the “evolved threats” group are businesses with less than 100 network user seats, compared to just 20 percent of those focused on other threats. Only 57 percent of the “evolved threats” group agrees that their executive management team understands the risks of IT security breaches, versus 72 percent of all other participants.
“It’s critical for businesses to secure themselves with the effective, readily available shields against ordinary threats, to free up time and resources for more proactive action against data loss and the rising threats of botnets and malicious, targeted attacks,” Eckrote said.
“IT security issues have business implications well beyond the IT network itself, as they can touch a company’s customers or cost a company significant loss of business advantage. The most important strategy is to understand exactly what assets are at stake within your own system and the value that they represent, so that you can match the protection to the value. With the typical IT department working at overload on most days, doing a comprehensive, specific assessment can be a challenge, but a good partner or ally may be able to help you over that mountain.”