Half of enterprise organisations admit to being breached in the last year, and 20 percent of IT decision makers believe their businesses will suffer from a breach that will go public in the next 18 months.
New research from Code42 revealed that half of all corporate data in the enterprise today is held on laptops and desktops rather than in the data centre or centralised servers. Nearly two-thirds (63 percent) of CEOs state that losing this data would destroy their business.
The survey consisted of samples from more than 800 IT decision makers (ITDMs), including CISOs and CIOs, and 450 business decision makers (BDMs) including CEOs from the UK, US and Germany.
In the last year, 70 percent of ITDMs have increased their information security teams by 10 percent.
In addition to being their top priorities, ITDMs feel the top three emerging challenges are data protection (17 percent), data privacy (13 percent) and strength of encryption (11 percent).
BDMs believe that their IT teams/companies invest the most in data centre security (54 percent), antivirus (53 percent) and backup (40 percent), but ITDMs feel they actually spend the most on security analytics platforms, endpoint backup and endpoint data loss prevention tools.
Seventy-four percent of BDMs reported that they have heard more about cyber-security threats in the last 18 months than they had done previously, and 58 percent of ITDMs say they have become desensitised to potential cyber-security threats because of an over-exaggeration and exposure by the media.
At least 20 percent of ITDMs either have no plan in place or are unsure whether they do or not.The vast majority of BDMs (86 percent) and ITDMs (80 percent) reported that they do have a breach recovery plan in place.
ITDMs suggest that the following policies will most affect how they provision data protection and/or data security solutions in the next 18 months: UK – Brexit (33 percent), US – Brexit (39 percent) and Germany – GDPR (28 percent).
Most ITDMs have a laptop (86 percent) and server backup (95 percent) in place. But at least 13 percent and eight percent, respectively, have not tested their laptop or server backup programs, which says their approach is more of a “checkbox for compliance” rather than a solution that adds practical value to employees.
Despite 91 percent of CEOs and 83 percent of BDMs acknowledging that their behaviours could be considered a security risk to their organisation, 75 percent of CEOs and 52 percent of BDMs admit that they use application and programs that are not approved by their IT department.
Seventy-four percent of CEOs believe that the only way to secure the enterprise is to lock it down, and 71 percent of CIO/CISO/CSOs agree.
“Modern enterprises are fighting an internal battle between the need for productivity and the need for security – both of which are being scrutinised all the way to the CEO. By using unauthorised programs and applications, business leadership is challenging the very security strategies they demanded be put in place. This makes it clear that a prevention-based approach to security is not sufficient; recovery must be at the core of your strategy,” said Rick Orloff, VP and CSO at Code42, in a statement.