Most firms have a bleak view of their data security preparedness
There’s a bleak outlook for organizations’ digital defense posture, with many enterprise security practitioners overwhelmed by the scale and tenacity of external digital threats and lacking confidence in their processes, systems, and tools. That’s the assessment of a new study conducted by IDG Connect for RiskIQ, a provider of threat management products.
A survey of 465 IT information security decision makers in the U.S. and U.K. conducted by IDG Connect shows that 68 percent of organizations have zero to modest confidence in managing digital threats, and 70 percent have zero to modest confidence in reducing their digital attack surface.
The survey found that business digital transformation and the external threat landscape have outpaced enterprise security capacity. An average of 40 percent of organizations experienced five or more significant security incidents in the past 12 months.
Among most cited external threats: malware, ransomware, phishing, domain and brand abuse, online scams, rogue mobile apps, and social impersonation.
A majority of those surveyed are aware that some of their digital security measures are immature or ineffective, with only 31 percent expressing high confidence in the likelihood that their organizations can mitigate or prevent digital threats—despite all respondents increasing their near-term digital security spending.
"While the results were both eye-opening and disturbing, the survey findings and insights should empower corporate leadership and IT security professionals to examine how their organizations are protecting their businesses, customers, and brands, and fortifying digital transformation," said Martin Veitch, editorial director at IDG Connect.