UK organisations are leaving themselves wide open to cyber attacks according to new research from the Ponemon Institute.
Inadequate infrastructure, a lack of leadership buy-in and the increasing use of "shadow IT" (employees using their own devices to access corporate information and systems) leave UK businesses unnecessarily exposed to cyber risk.
The Ponemon Institute's research showed that only 40% of of UK organisations believe they have the right security technologies to adequately protect information assets and IT infrastructure. And the inability to control the use of personal devices and apps by employees is at the very centre of UK cyber security worries.
In fact three quarters of UK organisations believe that at least some of their security solutions are not fit for purpose while nearly 90% believe that new IT security frameworks are needed to manage risk.
But despite these widespread worries, only a third of UK organisations believe that top management consider views cyber security to be a strategic priority and without this buy in security will inevitably be weakened.
This is a major problem. Chris Mayers, chief security architect, Citrix, who sponsored the research believes there are problematic questions around C-level engagement in the UK when it comes to IT security. "Every company should view their data as a key asset today – but our research suggests this is not the case."
Mobile working is a major concern. And while "bring your own device" (BYOD) is increasingly common, the majority of organisations don't have a strategy for securing mobile devices, even though it's generally accepted that employees using their own devices commonly use unauthorized software for file sharing and work tasks.
The threat from millennials is seen as being particularly significant. A lack of discipline perhaps, naivety, or simply a spirit of independence mean that millennials are creating workplace cyber risks to confidential data and critical systems by using unapproved apps and devices.
The good news is that half of UK organisations are expecting their IT security budgets to rise in 2017. But will these new investments get in the way of productivity? Chris Mayers again: “Employees need technology which enables them to work in a productive manner and, for a large majority of organisations, this means being able to access corporate data and apps from any device and at any time.”
Getting the balance right between security and efficiency is one of the greatest challenges to cyber security.
The research was commissioned by Citrix and carried out by Ponemon Institute with 445 UK IT decision makers. It provides a snapshot of UK organisations’ current security posture as well as the main concerns for IT decision makers tasked with maintaining adequate security across the business. UK data is taken from a wider global study, ‘The Need for a New IT Security Architecture: Global Study’ that involved more than 4,200 IT and IT security practitioners across 15 countries.
Photo copyright hobo_018 under licence from Thinkboxphotos.co.uk