One in 20 companies use optimal security solutions that can anticipate security breaches before they happen, while 44% of those that got hacked were unable to determine the source or the type of security attack or the duration of the breach, a recent survey shows.
The inability to identify critical assets or data and to properly react to security breaches is a major deficit of all companies, from small to large. Attackers targeting non-critical systems could gain access to confidential business information that should otherwise be stored on a segregated network or infrastructure. The disclosure of classified information could have devastating consequences for a company’s financial health, according to Business Insights.
Respondents say that 70% of IT departments spend less than 20% of their time securing the corporate network and data assets. The survey data also indicates that only 7% of firms’ IT departments devote more than half of their time to security.
A 56% majority of respondents said “end user carelessness” is the biggest security threat to their IoT networks followed by 42% who cited “malware.”
Security specialists recommend companies not to only focus on adhering to guidelines and certifications, but actively test their network perimeter and train employees in correctly identifying and reporting security incidents. Best practices demand appointing an executive with sole responsibility over cyber security and capabilities for instant monitoring.
The report is based on an independent survey of over 600 firms worldwide.