IT leaders worry about security despite being prepared
While 92 percent of IT business leaders believe they've made the right security investments and 88 percent say they meet all compliance requirements, half still worry about their company's security.
The study also finds that 49 percent of IT business leaders count human error, including those by employees, among their top security concerns. In fact, all of their other concerns -- malware, stolen data, phishing, ransomware and misconfiguration of cloud services -- include some element of human error and/or malice.
"IT business leaders must secure their most vulnerable access point: their employees. Although there are some malicious internal attacks, the vast majority of internally-enabled breaches happen when employees click on a seemingly harmless link in an email, opening the floodgates to corporate data and systems," says Pierre-Luc Bisaillon, CIO at AppDirect. "Best-in-class training, with testing and regular retraining and testing, will go a long way to mitigate the risks of social engineering security breaches."
Added security measures are on the agenda, with 74.4 percent saying they're likely to purchase cybersecurity software solutions in the next 12 months. They're likely to better vet their solution provider too, since 45 percent report they’ve experienced security or data privacy concerns related to their third-party tech vendor solutions.
"Cyber crime is a people problem -- and better people processes and education are the solution," adds Bisaillon. "This means ensuring assets are up to date with the latest patches, enforcing multi-factor authentication and locking down endpoint security to rapidly detect and remediate advanced attacks and ensure business continuity. Getting help from experts who can analyze security gaps can help IT business leaders build a strong security strategy."
The full report is available from the AppDirect site.