Complex security solutions are exposing companies to risk
Companies are putting their customers’ data at risk because IT teams do not have the expertise or time to deploy today’s complicated IT security products, a new survey from Lieberman Software revealed.
The survey, which was carried out at RSA Conference 2015 and measured the attitudes of nearly 170 IT security professionals, revealed 69 percent of respondents do not feel they are using their IT security products to their full potential. As a result, 71 percent of IT professionals believe this is putting their company, and possibly customers, at risk.
When survey respondents were asked why they don’t use their IT security products to their full potential, 62 percent revealed they either found the products too complicated to deploy, too time consuming to deploy, or didn’t think they had the expertise to properly deploy them.
“As zero-day attacks and other cyber threats evolve at a steady pace, many organizations are searching for new IT security solutions to defend against the latest wave of attacks,” said Philip Lieberman, President of Lieberman Software.
“Unfortunately, these organizations often discover too late that the products they purchase cannot scale to large enterprise environments, or be deployed quickly enough to provide real defense. That creates a significant security deficit that leaves organizations at risk, as the findings in this survey indicate. To be effective in today’s cyber warfare environment, a security solution must have enterprise scalability, be rapidly deployed without requiring expensive or time-consuming professional services, and operate automatically and continuously – without involving direct human interaction,” Lieberman added.
Additionally, 61 percent of survey respondents admitted that their organization has deployed a security product purely to meet regulatory compliance regulations, rather than to increase security.
“Regulatory compliance requirements drive most implementations of IT security products. However, compliance does not equal security. Despite the regulatory initiatives that most organizations are subject to, data breaches are now happening more frequently and becoming increasingly severe. There’s more to achieving real IT security than completing an auditor survey and marking a few check boxes. True security requires continuous measurement and correction in the face of the unrelenting cyber threats that compliance mandates simply fail to anticipate,” continued Lieberman.