Organizations Should Improve Their Security Hygiene

 
 
By Gina Roos  |  Posted 2016-10-17 Email
 
 
 
 
 
 
 
 
 
  • Previous
    1 - Organizations Should Improve Their Security Hygiene
    Next

    Organizations Should Improve Their Security Hygiene

    Companies are undermining security strides they've made because they don't properly enforce best practices concerning privileged accounts and data stored in the cloud.
  • Previous
    2 - Making Progress Against Cyber-Attacks
    Next

    Making Progress Against Cyber-Attacks

    A full 82% of respondents believe the security industry in general is making progress against cyber-attacks.
  • Previous
    3 - Misplaced Budgets
    Next

    Misplaced Budgets

    71% of organizations increased their budget for perimeter defenses. Yet only 24% cited a perimeter breach as the attack stage most difficult to mitigate, and 12% cited it as a top concern.
  • Previous
    4 - Biggest Threats: DDoS, Phishing
    Next

    Biggest Threats: DDoS, Phishing

    Cyber-attacks or tactics that concern IT decision-makers the most over the next 12 months include distributed denial-of-service (DDoS) attacks (19%), phishing (14%), ransomware (13%), privileged account exploitation (12%) and perimeter breaches (12%).
  • Previous
    5 - Lessons Learned From Major Breaches
    Next

    Lessons Learned From Major Breaches

    79% of respondents said their organizations have learned lessons from major publicized security breaches and are taking appropriate actions to improve security.
  • Previous
    6 - Growing Optimism
    Next

    Growing Optimism

    75% of IT decision-makers now believe they can prevent attackers from breaking into their internal networks, up from 44% in 2015.
  • Previous
    7 - False Confidence in Company Security
    Next

    False Confidence in Company Security

    Although the majority of IT decision-makers believe they can prevent cyber-attacks, 36% believe a cyber-attacker is currently or has been in the last 12 months on their network, and 46% believe their organization was a victim of a ransomware attack in the past two years.
  • Previous
    8 - Better Protection
    Next

    Better Protection

    The top actions implemented to better protect against cyber-attacks include the deployment of malware detection (25%), endpoint security (24%) and security analytics (16%).
  • Previous
    9 - Managing Privileged Accounts
    Next

    Managing Privileged Accounts

    55% of respondents said their organizations have changed processes for managing privileged accounts, and 71% use a privileged account security solution.
  • Previous
    10 - Lax Privileged Security Practices
    Next

    Lax Privileged Security Practices

    Yet 40% still store privileged and admin passwords in a Word document or spreadsheet, and 28% use a shared server or USB stick.
  • Previous
    11 - Third-Party Risks
    Next

    Third-Party Risks

    49% of organizations allow third-party vendors remote access to their internal networks. But some verticals lag in vendor access controls: in the public sector, 21% of organizations are not securing and 33% are not monitoring this activity.
  • Previous
    12 - Security Emergency Response Plan
    Next

    Security Emergency Response Plan

    A full 95% of organizations have a cyber-security emergency response plan. But only 45% communicate and regularly test their plans with all IT staff, and 57% aren't certain of their role in response to cyber-attacks.
  • Previous
    13 - Cloud Concerns
    Next

    Cloud Concerns

    68% of organizations cite losing customer data as one of their biggest concerns following a cyber-attack. Yet 60% who use the cloud store customer data in it, and 57% who store info in the cloud are not completely confident in their cloud providers' ability to protect their data.
 

Organizations are undermining cyber-security strides they have made by failing to enforce best practices concerning known vulnerabilities, including privileged accounts, third-party vendor access and data stored in the cloud, a new survey from security specialist CyberArk concludes. According to the poll of 750 IT and IT security decision-makers, well-publicized breaches have increased cyber-security awareness but in some cases have driven false confidence in companies' ability to protect their organizations from cyber-attacks. A majority of the respondents believe the IT security industry is making progress against cyber-attacks. However, John Worrall, chief marketing officer at CyberArk, said most cyber-attacks are a result of "poor security hygiene" and "organizations can't lose sight of the broader security picture while trying to secure against the threat du jour." Here's a look at how businesses are progressing in their cyber-security programs and where security solution providers can help close gaps.

 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
























 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date