Spiceworks research: insider threats will be the biggest information security challenge in 2016
A new study by Spiceworks showed that end-users inside the enterprise topped the list of information security threats. This has once again underlined the growing trend that helps drive customer choice in favor of data management and control solutions . The study revealed that 80% of enterprises had serious security incidents in 2015, 71% of enterprises believe that they will be better protected in 2016, and 84% of enterprises plan to increase investment in information security.
The key findings of the “Battling the Big Hack” report show that the three biggest problem areas in the context of insider activity and outside penetrations are directly related to the lack of awareness and vigilance of end users: 54% of surveyed enterprises are very concerned about the spread of malicious programs, 53% of enterprises are concerned about the programs extortionists (for example, encryption viruses requiring money to decrypt data), 46% of businesses are worried about phishing.
Other interesting findings from the report:
• Only 18% of companies stated that they had not found a single insider attack in 2015.
')
• Among the proposed sources of information security threats, the following distribution emerged: insiders (36%) more than organized criminal groups (25%), cyber-terrorist groups (12%) or national / state-sponsored hackers (12%).
• The most common actions that were taken when detecting insider attacks were: updating hardware / software (76%), applying policies for end users (73%), and educating end users (72%).
• Major IT security problems: limited knowledge of risks and security by end users (69%), non-acceptance of problems by end users, resistance (57%).
• 52% of enterprises believe that “shadow IT” is a threat to the security of an organization.
The severity and frequency of violations that expose company data to hazards continue to grow, plus the lack of understanding that organizations and their users are aware of the protection of valuable corporate data leads to a kind of crisis. Companies now understand that their investment in perimeter security doesn’t guarantee prevention of attacks and data leaks.
Methodology: The survey was conducted in October 2015 and included 197 respondents from the regions of North America, Europe, the Middle East and Africa. The respondents were IT specialists using Spiceworks software, the respondents represented a multitude of companies of various sizes: from small businesses to large enterprises.
The key findings of the “Battling the Big Hack” report show that the three biggest problem areas in the context of insider activity and outside penetrations are directly related to the lack of awareness and vigilance of end users: 54% of surveyed enterprises are very concerned about the spread of malicious programs, 53% of enterprises are concerned about the programs extortionists (for example, encryption viruses requiring money to decrypt data), 46% of businesses are worried about phishing.
Other interesting findings from the report:
• Only 18% of companies stated that they had not found a single insider attack in 2015.
')
• Among the proposed sources of information security threats, the following distribution emerged: insiders (36%) more than organized criminal groups (25%), cyber-terrorist groups (12%) or national / state-sponsored hackers (12%).
• The most common actions that were taken when detecting insider attacks were: updating hardware / software (76%), applying policies for end users (73%), and educating end users (72%).
• Major IT security problems: limited knowledge of risks and security by end users (69%), non-acceptance of problems by end users, resistance (57%).
• 52% of enterprises believe that “shadow IT” is a threat to the security of an organization.
The severity and frequency of violations that expose company data to hazards continue to grow, plus the lack of understanding that organizations and their users are aware of the protection of valuable corporate data leads to a kind of crisis. Companies now understand that their investment in perimeter security doesn’t guarantee prevention of attacks and data leaks.
Methodology: The survey was conducted in October 2015 and included 197 respondents from the regions of North America, Europe, the Middle East and Africa. The respondents were IT specialists using Spiceworks software, the respondents represented a multitude of companies of various sizes: from small businesses to large enterprises.
Source: https://habr.com/ru/post/278949/
All Articles