Majority of organisations not confident in ability to protect data after a breach

74 per cent of IT decision-makers believe perimeter security is effective at keeping out security threats, yet 41 per cent believe unauthorised users are able to access their networks.

  • 10 years ago Posted in

Despite increasing numbers of data breaches and the theft and loss of more than 2 billion data records worldwide since 2013, organisations continue to believe perimeter security technologies are effective for data protection, according to new research from SafeNet, Inc., a global leader in data protection.


The 2014 SafeNet Data Security Confidence Index found that nearly three-quarters (74 per cent) of IT decision-makers believe that their organisation’s firewall is effective at keeping out unauthorised users. Yet, nearly half (44 per cent) admit that their organisation’s firewall has been breached or do not know if it has been breached. In addition, more than 60 per cent are not confident that data would be secure if unauthorised users were able to penetrate their network’s perimeter security.


Security Investments Favour the Perimeter vs. Defence in Depth
The survey results illustrate that despite the increasing number of network breaches and data record losses, businesses are continuing to invest more of their IT budgets in perimeter security and breach prevention technologies versus defence-in-depth strategies that include strong multi-factor authentication and data encryption. In the first half of 2014 alone, more than 375 million customer records were stolen, an increase of 31 per cent compared to the same period last year, according to the SafeNet Breach Level Index (BLI).


The research found that 93 per cent of IT decision-makers say that their organisation’s investments in perimeter security has either increased or stayed the same over the past five years, with an average of 9 per cent of IT budget currently spent purchasing, deploying, and maintaining firewall technology. For the next twelve months, respondents planned to continue this trend, spending approximately the same amount (9.05 per cent) on firewall technology.


Two-thirds of IT decision makers (67 per cent) also admit that they would not decrease spending on perimeter defences, such as firewall technology, in favour of other technologies. In fact, if asked to get rid of one method to protect sensitive data, the majority would eliminate anomaly detection (49 per cent) or data security measures like encryption (24 per cent) rather than perimeter security (15 per cent).


Low Confidence in Breach Prevention and Keeping Cybercriminals Out
In addition, despite a high degree of confidence in the effectiveness of perimeter security, IT decision-makers expressed lower confidence in their company’s ability to protect data against growing security threats, with the research revealing that:
· Over half (60 per cent) are not confident that data would be secure if unauthorised users penetrated their network’s perimeter security.
· Two-fifths (41 per cent) said they think unauthorised users are able to access their networks.
· One-third (34 per cent) of IT decision makers reported that they have become less confident with the security industry’s ability to detect and defend against emerging security threats.
· One-quarter of IT decision makers (25 per cent) admit that if they were a customer of their organisation, they would not trust the company to store and manage their personal data.
· Over half (53 per cent) suggest that high-profile data breaches in the news have driven their organisation to change their security strategy.


“The research findings reveal some interesting contradictions between the perception and the reality of data security,” said Tsion Gonen, chief strategy officer, SafeNet. “What’s worrying is that so many organisations are still putting all of their eggs in one basket when it comes to data security. Perimeter security technologies are just one layer of protection, but too many companies rely on them as the foundation of their data security strategy when, in reality, the perimeter no longer exists. From the sheer volume of data breaches alone, it’s clear that if a cybercriminal wants to hack the system or steal data, they will find a way to do so. So companies need to focus on what matters most – protecting the data. That means building more intelligent security strategies and using defence-in-depth with multi-factor authentication and placing security directly on the data with encryption.”

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.