A recent report carried out by US cyber expert Dr Larry Ponemon has found that some 60% of IT staff will only tell managers of a security risk they have come across if they consider it to be ‘serious’ or ‘urgent.’ The report surveyed some 600 people working in numerous roles across the IT sector and uncovered this scary statistic that more than half of security risks across numerous organisations were going unreported.
In most cases, the criteria IT staff were using to judge whether or not a risk was serious was simply gut feeling and the report claimed that, for most IT workers, the concept of what constituted a serious security risk was rather different than the perspective taken by senior managers – which is very worrying indeed. In the report Ponemon highlighted that “The stakeholders with the highest responsibility seem to be the least informed,” and that security threats were often being kept from bosses until the point at which it was often too late for management to do anything about it.
As many organisations consider themselves completely unprepared to deal with a security breach – in another of Ponemon’s reports more than half of US companies indicated that they felt defenceless against cyber attacks – the fact that so many of the smaller security risks are passing below the radar of those formulating management and strategy of security issues is damaging and counterproductive. One of the reasons mooted for this situation being allowed to continue is that there tends to be considerable over confidence in IT staff. However, given the number of cyber attacks we have seen against companies in recent months and years with everyone from Barclays Bank to Sony suffering at the hands of hackers it would seem that it is time to do something about this rather worrying statistic.
If you want to make sure you’re in control of your own security, ITC Secure Networking specialise in protecting your company from cyber threats. You don’t have to leave business security in the hands of your IT team – take control today with our managed network services instead. Please contact: [email protected] or call 020 7517 3900