Websense, Inc. released new results of the global survey conducted by the Ponemon Institute “Obstacles, Renewal and Increase in Security Education”, which revealed the communication challenges between IT security professionals and executives, the desire to overhaul current security systems and the limited knowledge on safety among executives and employees. The survey of nearly 5,000 IT security professionals around the world reveals a gap in knowledge and resources within companies, raising the level of vulnerability and risk of breaches in corporate data.
“This Ponemon Institute survey highlights that a lack of communication, education and inadequate security systems make it possible for cybercriminals to attack organizations around the world,” said John McCormack, CEO of Websense. "It's no surprise that so many security professionals are disappointed with the level of protection their current solutions provide, as many companies still rely on legacy solutions that fail to stop the threat chain and prevent data theft."
The Obstacles, Renewal and Increase in Security Education report evaluated IT security professionals with an average of ten years of field experience from 15 countries: Australia, Brazil, Canada, China, France, Germany, Hong Kong, India, Italy, Mexico, Netherlands, Singapore, Sweden, United Kingdom and United States. The results reveal a global consensus that organizations must address the communication gap between security teams and executives to better protect against advanced attacks and data theft. In Brazil, the survey was carried out with 392 IT and IT security professionals.
Obstacles in communication between security professionals and executives:
• 31%'s IT security teams never spoke to company executives about cybersecurity issues. (Brazil 36%)
• Of those who spoke, almost a quarter (23%) admit that the attendance was annual and another 19% semi-annually. Only 11% responded quarterly and 1% responded on a weekly basis. (Brazil 22% annually, 18% semiannually and 1% weekly).
• Only 38% believe that their companies invest enough in qualified personnel and technologies in order to effectively achieve the goals and mission of cybersecurity in their companies. (Brazil 42%)
Security teams call for a complete overhaul of the security system:
• 29% of respondents would completely overhaul their company's current security systems if they had the resources and opportunity (Brazil 31%)
• Nearly half (47%) were often disappointed with the level of protection that ended up being offered by an acquired security solution (Brazil 61%). Only 12% have never been disappointed with their security solutions (Brazil 4%).
• 56% believe that a data breach would trigger a switch in security vendors (Brazil 55%).
• APTs and data theft attacks are the main fears of IT security professionals (Brazil idem).
• More encouragingly, 49% says they are considering making significant investments and adjustments to their cybersecurity defenses over the next 12 months (Brazil 61%).
Increasing security education:
• 52% of companies do not provide cybersecurity education to employees, with only 4% planning to do so in the next 12 months (Brazil 58% and 10%, respectively).
• Less than half (42%) of IT security professionals have undergone a cyber threat training process in their current role. Of those who went through the process, almost all (94%) considered it important in terms of managing virtual risks (Brazil 23% and 92%, respectively).
• Security professionals believe that the top three events that would force executive teams to commit more money to cybersecurity initiatives are: intellectual property theft (67%), breach involving customer data (53%), and loss of revenue due to downtime. system downtime (49%) (Brazil 75%, 46% and 57%, respectively).
In addition to the survey results, the report also includes conclusions based on the data obtained and recommendations to address gaps in security technology, communication and education. A full version of the report, including the survey methodology, consolidated results and individual country response rates, is available at http://www.websense.com/content/2014-ponemon-report-part-2.aspx?cmpid=prnr7.17.14.
EN 
PT 
