September 2006 Security Survey: CIOs Have High Confidence in Security Vendors

By Allan Alter  |  Posted 09-19-2006

September 2006 Security Survey: CIOs Have High Confidence in Security Vendors

Viruses, Trojan horses, malware…given all the damage they can do, these online nasties ought to be scaring the pants off IT executives. But three-quarters of IT executives still believe they have adequate protection because of the high degree of confidence in their antivirus software, antispyware software and virtual private networks. A remarkable 96% of our respondents say they have an adequate antivirus software solution in place. Across the board, in fact, more IT executives express confidence in every kind of security technology. But there's another ace up the sleeve: More companies now have a broad corporate security strategy and have linked that strategy to their overall risk strategy.

For more data and analysis, see CIO Insight's Research Center blog at go.cioinsight.com/researchcentral.

Next page: Overall satisfaction with security technologies is keeping confidence levels high.

Overall satisfaction with security

technologies is keeping confidence levels high."> Finding 5: Overall satisfaction with security technologies is keeping confidence levels high.
Even though hackers and criminals have begun to exploit vulnerabilities in antivirus software, IT executives still show enormous confidence in their antivirus and antispyware software. In fact, satisfaction with security technology has risen for nearly every kind of security software. But technologies that prevent identity theft continue to lag behind.

Next page: The adoption of comprehensive strategies is also boosting confidence.

The adoption of comprehensive

strategies is also boosting confidence.">
Finding 6: The adoption of comprehensive strategies is also boosting confidence.
More companies have adopted an enterprisewide IT-security strategy and have connected it to their risk strategy, indicating that security is becoming better aligned overall. Yet many respondents complain their company doesn't take a strategic enough approach to security. Is that why there are still holes remaining in security policies and procedures, as our later findings reveal?

Research Guide:

  • Finding 1: Employee negligence and Microsoft vulnerabilities are considered the most significant IT-security risks
  • Finding 2: Almost half of large companies have been targeted by online criminals.
  • Finding 3: One company in six has lost equipment containing company data in the past year.
  • Finding 4: Confidence in IT security remains high, despite security problems.
  • Finding 5: Overall satisfaction with security technologies is keeping confidence levels high.
  • Finding 6: The adoption of comprehensive strategies is also boosting confidence.

    Upcoming results from the Security survey:

  • Sept: 27: Are IT executives being overconfident? Protecting data, tightening policies.

    Read our previous surveys on IT security, privacy and risk:

  • September 2005: Security Relaxes as IT Threats Increase
  • September 2004: Security and Privacy: Do You Feel More Secure Than Last Year?
  • August 2003: Is Your Security Comfort Level Too High?
  • September 2002: Rethinking Risk
  • February 2002: Security 2002
  • October 2001: Disaster Recovery 2001

    Related stories:
    Trends:

  • Trust Yourself: The Business Value of Trust (Sept 2004)
  • Re-Engineering Security (August 2003)

    Case studies:

  • Lexis-Nexis: Ground Zero for War vs. Data Thieves (Sept 2005)
  • Ships Systems: Surviving the Storm, and the Recovery

    Interviews and Expert Voices:

  • Ira Winkler: Security is Easier—And Crooks Are Dumber—Than You Think (Sept 2005)
  • Larry Ponemon, Ponemon Institute: Making Privacy Work (Sept 2004)
  • Jim Seligman, CIO, Centers for Disease Control: An Ounce of Prevention (Sept 2004)
  • Bruce Schneier, Counterpane Internet Security: How to Fight (August 2003)

    Technology:

  • Outsourced Security: An Idea CIOs Loathe (Sept 2005)
  • Identity Management: Who are You?

    Whiteboards:

  • Hugh Dubberly: The Information Loop (Sept 2004)
  • Gary Lynch and Karen Avery: How to Improve Your IT Security Policy: A Six Sigma Approach (August 2003)

    Opinion:

  • Dan Gillmor: Customer Data May be Too Risky to Keep (Sept 2005)
  • Darwin John: Whose Data Is It, Anyway?