Perceptions and reality of cyber defenses differ widely, study reveals
There is a sizable gap between confidence in cyber security programs and their effectiveness, according to a study by data management software provide Syncsort.
The company surveyed more than 300 IT and security professionals and found that while 85 percent are either very or somewhat confident in their organization’s security program, 41 percent said their company had experienced a security breach and 20 percent more were unsure.
The report also uncovered several challenges and liabilities in security practices that contradict the high levels of confidence. A majority of respondents had firsthand knowledge of security for Windows servers (69 percent) and network infrastructure (54 percent). But only seven percent were familiar with newer but widely-adopted data storage options such as Hadoop data lakes.
Twenty-eight percent of respondents identified adoption of cloud services as their top security-related challenge, followed by growing complexity of regulations (20 percent) and insufficient IT security staffing (19 percent). The regulation most respondents had to adhere to was the General Data Protection Regulation (GDPR), cited by 37 percent.
About one third of the organizations only perform security audits annually, while 23 percent do so every three months and 19 percent every six months. The most common areas examined in audits include application security (72 percent), backup/disaster recovery processes (70 percent), network security (69 percent), and antivirus programs and password policies (67percent each).