56 percent of IT security pros admit their infrastructure has gaps

1 Comment

Attack route

New research released by AttackIQ based on a study by the Ponemon Institute reveals some worrying trends on the level of accountability for IT security and a lack of confidence in determining the effectiveness of security technologies.

Ponemon surveyed over 570 IT and IT security practitioners in the US and finds 63 percent of survey respondents say their IT security leadership doesn't report to the board on a regular basis, and 40 percent say they don't report to the board at all.

In addition 63 percent of respondents say their IT security leadership needs better monitoring tools to improve their ability to communicate the effectiveness of security infrastructure and potential gaps to the C-suite and board. And 56 percent say their IT security infrastructure has gaps in coverage that allow attackers to penetrate its defenses.

Most struggle to measure the effectiveness of their security too. Only 24 percent of respondents say they have a mature measurement and metrics program, and 30 percent say they have a partial metrics program. 40 percent of respondents say they don't quantify and track the company's IT security posture at all. Even of those who have either a mature or partial measurement program, only 39 percent report the findings to the board.

"Data breaches and other security incidents continue to plague enterprises, shining a light on the need for companies to shift to a proactive approach to ensuring a strong security posture," says Brett Galloway, CEO of AttackIQ. "From this research, we know that almost half of companies don’t quantify and track their IT security posture at all, completely crippling their ability to confidently identify and remediate security gaps. AttackIQ not only allows organizations to systematically test the efficacy of their security programs and address any weaknesses in coverage or configurations but also to demonstrate improvement to cybersecurity posture over time. Senior leaders, including CEOs and board members, need accurate and comprehensive data in order to determine acceptable cyber risk levels and ensure their organization is positioned to prevent disruption to critical infrastructure."

You can register for a webinar to discuss the findings to be held on October 31st.

Image Credit: Jurgen Priewe / Shutterstock

1 Comment

One Response to 56 percent of IT security pros admit their infrastructure has gaps

Got News? Contact Us

Recent Headlines

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Low-code tools boost developer productivity

Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

60 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.