ATLANTA, June 8, 2015 -- According to findings from a new global Ponemon study: “2015 Global IT Security Spending & Investments” IT security and IT leaders and their staff members do not agree on security objectives.The study, commissioned by information security leader Dell SecureWorks, surveyed 1,825 IT security and IT leaders and their staff. The participants were based in 42 countries in the following regions: North America, Europe, Middle East, Africa, Asia Pacific, Japan and Latin America. The study’s objective was to determine the key influencers that are driving security budgets and technology purchases.
One of the key findings from the study was that more than 50 percent of the respondents surveyed stated that their organization’s board of directors and C-Level executives are frequently not briefed, nor are they given the necessary information to make informed budgeting decisions regarding security priorities and the investments in technology and personnel required.
“Organizations cannot expect to successfully combat today’s increasing cyber threats If important stakeholders, such as the C-level executives and board members, are not adequately informed about their organization’s security strategy, challenges and goals ,” said Kevin Hanes, executive director of Security and Risk Consulting for Dell SecureWorks.
Another alarming finding was that 58 percent of the study’s respondents said they did not think or were unsure if their organization possessed sufficient resources to achieve compliance with security standards and laws.
“What is especially worrying about this response is that not only does non-compliance put organizations at risk for legal action and fines, but even organizations which have achieved compliance, can many times still be compromised,” said Hanes. ”This is why Dell SecureWorks always advises its clients to build and maintain a robust, layered security program, so as to ensure a strong security stance and meet its compliance requirements.”
An additional finding of note is that the security views and priorities held by the Security and IT leaders were in stark contrast to their staff members’ views and priorities. Here are some of the responses:
· Security and IT leaders believe it is most important to pursue improvement in the organization’s security posture (72 percent of respondents), while security and IT staff members see the minimization of downtime as the primary security objective (83 percent of staff respondents).
· Security and IT leaders view third-party mistakes, including those made by cloud providers, as a more serious cyber threat (49 percent of leader respondents) than negligent insiders (37 percent of leader respondents), while security and IT staff members consider insecure Web applications and negligent insiders as more serious threats (57 and 56 percent of staff respondents, respectively).
“The differing security views and priorities between the Security and IT leaders and their staff members signals a serious misalignment between the two groups,” said Hanes. “Every member of an organization’s Security IT department, whether a leader or a staff employee, should be working toward the same security goals. If the company wants to establish a strong security position, this misalignment must be addressed.”
“I found the responses in our ‘2015 Global Study on IT Security Spending & Investments’ surprising and enlightening,” said Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute. “I hope IT Security and IT leaders and their staff, as well as C-level executives and board of directors, read this report and reevaluate their security programs to ensure that there is a thorough understanding and consensus among them as to their organization’s security challenges and objectives.”
To download the complete Ponemon report: “2015 Global Study on IT Security Spending & Investments,” please click here: http://www.secureworks.com/resources/articles/featured_articles/report-global-it-security-spending-investments
About Ponemon Institute
Ponemon Institute conducts independent research and education that advances information security, data protection, privacy and responsible information management practices within businesses and governments throughout the world. Our mission is to conduct high quality, empirical studies on critical issues that affect the protection of information assets and IT infrastructure. As a member of the Council of American Survey Research Organizations (CASRO), we uphold strict data confidentiality, privacy and ethical research standards. www.ponemon.org.
About Dell SecureWorks
Dell Inc. listens to clients and delivers innovative technology and services that give them the power to do more. Recognized as an industry leader by top analysts, Dell SecureWorks provides world-class information security services to help organizations of all sizes protect their IT assets comply with regulations and reduce security costs. For more information, visit www.secureworks.com.