Fighting a Security War With Yesterday’s Tech
-
Fighting a Security War With Yesterday’s Tech
The top external threat to enterprises is cyber-criminals, but security pros with outdated tools face a daunting task of repelling groups looking to cause harm. -
Old Security Habits Die Hard
$40 billion is spent annually on information security products, most of which goes to legacy security technologies, like firewalls, antivirus and intrusion prevention. Despite this, breaches continue. -
Signs of Adaptation
Despite the disconnect between spending and what is needed, 58% of respondents are increasing spending to offset threats to data, and 37% are increasing spending on data-at-rest defenses this year. -
Experienced Breaches
61% of U.S. federal respondents say they experienced a breach in the past, higher than the U.S. average of 57% and trailing only healthcare, which is 63%. -
Nation-State Hacking vs External Threat Actors
Although nation-state attacks have been in the news, the top external threat actors identified by respondents are cyber-criminals, at 76%. Nation-state hackers are a distant fourth, at 47%. -
Feds Unlikely to Increase Spending on Breaches
U.S. federal respondents are the least likely to increase their spending due to data breaches—42% versus 32%. -
Best Practices
48% of respondents would like to implement data security to follow industry best practices. -
Compliance Is Still a Driver
Compliance standards fail to stop multilevel, multiphasic attacks, and being compliant does not ensure that sensitive data will not be stolen. Yet 57% of U.S. federal respondents view meeting compliance requirements as a very or extremely effective way to protect sensitive data. -
Skills Shortages
51% of respondents say perception of complexity is the No. 1 barrier to more widely adopting data security. But complex deployments require significant staffing. Lack of staff is the second-highest barrier at 44%. -
Top Internal and External Threats
The biggest internal threat actors are privileged users at 64%. Contractors account for 43%. -
Storage in the Cloud
Despite top concerns being security breaches from a shared infrastructure (70%), 84% of respondents plan to store sensitive data in some form of public cloud within the next 12 months. -
Big Data One of Top Three Risks
56% of respondents plan to store sensitive data in the cloud. 15% regard big data implementations as one of the top three risks for loss of sensitive information. -
Internet of Things
Securing sensitive data generated by IoT devices is the primary concern of 35% of respondents, followed by loss or theft of these devices at 29%.
Despite news stories highlighting nation-state hacks, the top external threat to enterprises is cyber-criminals, according to a new study. U.S. federal IT execs are the least likely to increase spending due to data breaches, however. The report, "2016 Vormetric Data Threat Report - U.S. Federal Government Edition," is the data protection firm's fourth annual report and was issued in conjunction with 451 Research, an IT technology research and advisory company. It polled 1,100 senior IT security executives at large enterprises worldwide, including 100 U.S. federal government organizations. "The results show that federal IT security professionals are like generals fighting today's wars with the weapons of yesterday," said Garrett Bekker, senior analyst of Information Security at 451 Research. "Spending intentions reflected a tendency to stick with what has worked in the past, such as network and endpoint security technologies that offer little help in defending against multistage attacks. Clearly, there is still a big disconnect between what we are spending most of our security budget on and what's needed for sensitive data remain secure."