Cybercrime will succeed in 38% of cases
Date: April 06, 2006Source: sourcewire.com
• Confidence levels unimproved despite escalating budgets
• 74% say security issues are a ‘fact of business life’
• 38% of firms’ security defences were breached in 2005
The nCircle Cost and Confidence Research report has revealed that UK board members have low expectations and little peace of mind regarding network security provision in their firms in 2006.
Undertaken online by YouGov in February 2006, the research investigated attitudes of 293 senior managers, including company directors, MDs and CEOs, in mid to large size companies (250+ employees) was commissioned by nCircle, the leading provider of enterprise-class vulnerability and risk management solutions. The research shows a low level of confidence in this group with 38% believing that their organisations will be victims of successful cybercrime attacks in 2006, the same proportion as admitted breaches in 2005.
However, even this level of confidence could be misplaced, as a third of senior managers do not know if their company’s security was breached in 2005.
Despite continually escalating security budgets (15% growth last year according to Infonetics Research), confidence levels in security provision have not increased amongst the majority of senior managers, (68% say it has not increased since last year).
Nearly three quarters (74%) of respondents agreed that security issues are now a ‘fact of business life’.
Senior managers may also be losing faith in the ability of their teams, or technology, to stay on top of the security challenge. When asked how senior managers’ confidence could be improved the most popular response was ‘better understanding of the issue myself’ (34%). The second most popular answer with 21% of votes was ‘improved reporting would lead to more confidence’.
“Clearly, many current security strategies are not winning the war, either in the fight against Cybercrime or to win the confidence of their senior managers,” said Kevin Lamb, Director of EMEA Operations at nCircle. “It’s time for security professionals to stop and rethink their information security strategies, unless they wish to embrace a future of endless spending and diminishing returns. It is critical for organisations to develop a proactive network risk management philosophy and meaningful compliance reporting, in order to break this cycle of security spending that delivers no improvement in security performance and confidence.”
Original article
Add comment
Email to a Friend
