IT security pros failing on risk strategies

IT security pros failing on risk strategies

Just 14 percent are confident they have a complete picture of their security and risk state

Article comments

IT security professionals in Europe have "significant gaps" in their enterprise risk strategies, according to research from HP.

HP questioned 500 security professionals at the recent InfoSecurity Europe conference in London, and found that 79 percent thought they had an information security risk plan in place.

However, only 14 percent were "very confident" that their current IT security solutions are giving them a complete, concise picture of their security and risk state.

“These results indicate that security professionals are not as aware as they think about the real state of their security, or what they should be doing in order to protect themselves from ever developing threats,” said Jennifer Lake, security product marketing manager at HP DVLabs.

“Security professionals should be developing an intelligent approach to enterprise security, rather than simply securing an organisation’s perimeter."

HP said IT security pros must be able to develop a sustainable and holistic approach to securing the enterprise across data, applications, devices and networks. But the survey found that 44 percent did not have the capabilities to uncover and report vulnerabilities in custom applications, with only 60 percent carrying out real-time monitoring of security events.

The top three information security risks for organisations cited by respondents were staff inadvertently breaching security (19 percent), mobile devices (18 percent) and malware and viruses (17 percent).

Only 41 percent of respondents carry out asset analysis and prioritisation as part of their security programme.

In other security news Cabinet Office minister Francis Maude has warned that the London 2012 Olympic Games “will not be immune” to cyber attacks. Maude said the Beijing Olympics in 2008 experienced "12 million cybersecurity attacks", and said that hackers would be looking to “disrupt” this year’s Games as well.


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *