The research reveals high levels of confidence among IT audiences in their ability to protect data, with 86% saying their IT systems can deal with an information leakage and 87% agreeing they are confident they could handle a system compromise.
Yet, 41% of IT decision makers admitted they don’t know how many intrusions or security breaches their organisation has suffered in the last 12 months and 46% are concerned about the lack of security for their IT infrastructures.
The research also shows a lack of sophistication within many organisations around how they are protecting their data and IT systems, with low numbers putting in place even the more basic protections: 23% have intrusion detection systems; 25% DDoS mitigation; 40% intrusion prevention systems; and 51% data encryption.
Steve Nice, Security Technologist, Node4, comments: “The research reveals a clear disparity between understanding the need to prioritise data protection and an organisation’s ability to comply with legislation and put in place the necessary measures to protect the business. The threat landscape is becoming increasingly sophisticated and complex, so it’s more important than ever to put in place systems that will prevent or mitigate attacks and security incidents.”
Five key ways to bolster your data protection and IT security strategy:
1. Establish the right policies – Assume from the outset you will be a target and develop the appropriate policies for IT and the wider business
2. Audit continuously – Understand the needs and vulnerabilities of your IT infrastructure to anticipate and mitigate potential threats before they happen
3. Establish visibility with SIEM – A Security Information and Event Management (SIEM) strategy will give a bird’s-eye view of all data from a single point, enabling complete visibility of a complex IT infrastructure
4. Cover the basics – Approaches like firewalls and encryption remain the beating heart of any security architecture, yet only 51% of IT decision makers have these in place. Don’t forget the basics
5. Adopt unified threat management (UTM) – Bring together the tools to effectively mitigate a wide range of threats and intrusion methods into a single system, for easy detection and management