Majority of organisations still gambling with IT security

A new survey from Lieberman Software Corporation revealed that 92 % of IT security professionals believe that cyber security drills are a good way to prepare for cyber-attacks. However, 63 % of those surveyed admitted that their organisations never run such drills, or only do so annually.

The study was carried out at Black Hat Conference 2015, and looked at the attitudes of nearly 150 IT security professionals. It also revealed that only 11 % of organisations carry out cyber security drills quarterly, while 26 % conduct them every six months.

Philip Lieberman, CEO of Lieberman Software said: “What concerns me most about this survey is that the majority of IT security professionals fully understand the benefits of running cyber security drills, but only a small percentage actually put these drills into practice. In today’s threat landscape, organisations are attacked continuously. With this in mind, you would think companies would be doing everything they can to limit the damage of potential cyber-attacks. However, our study reveals this clearly isn’t the case. And IT teams are fully aware of the consequences.”

Executive Management Does Not Heed IT Security Warnings

The survey also revealed that IT professionals often warn their superiors about pending IT security disasters, but think that executive management fails to take action. When respondents were asked about the obstacles they face trying to convince management to proactively deal with cyber threats, responses were as follows:

  • 11 % said they couldn’t find a way to give IT a place in the corporate board room
  • 10 % said they couldn’t find budget to rectify the situation
  • 12 % said they couldn’t convince management to understand the severity of cyber threats
  • 45 % said all of the above

“IT security is a companywide issue. Any CEO or corporate board who does not realise this will have a nasty shock when their company is attacked, their share price plummets and they lose customers. Corporate boards should learn about the cyber threats targeting their companies and should have a good understanding of the company’s IT security posture. Executive management should assume that intruders are already inside their networks. They should ensure that their organisations can contain cyber-attacks by securing privileged access, and by removing shared and long-lived credentials that intruders exploit to move around the network. This will mitigate damage and protect the company’s reputation when a cyber-attack does occur” continued by Philip Lieberman CEO of Lieberman Software.

RECENT ARTICLES

Samsung and O2 Telefónica introduce vRAN and Open RAN network in Germany

Posted on: May 3, 2024

Samsung Electronics and O2 Telefónica announced on Thursday that the companies launched their first virtualised RAN (vRAN) and Open RAN commercial site in Germany. It is the first time that

Read more
Cross-section of a submarine telecommunication cable

Telxius expands submarine cable route from Dominican Republic to Puerto Rico

Posted on: May 2, 2024

Global connectivity provider Telxius is opening its latest submarine cable route with the extension of SAm-1 between Punta Cana in the Dominican Republic to Puerto Rico. The route is in

Read more