Identifying the Right Threats: Strategic Security Survey
By Michael A. Davis, InformationWeek
Posted May 9, 2012
The InformationWeek Strategic Security Survey, now in its 15th year, is a great trend spotter–when we see a double-digit, year-over-year percentage-point shift, we take notice. For example, based on 946 responses, only 15% feel they’re more vulnerable than a year ago, which is the same percentage as in 2011. However, among those feeling more vulnerable, the percentage of IT pros worried that there are more ways to attack their networks plunged, from 76% to 62%. The concern that’s on the rise is the growing amount of customer data to secure: up to 44% from 34% a year ago.
IT’s also paying closer attention to the security of public cloud service providers. Last year, just 18% conducted their own audits; now it’s up to 29%. Use of providers’ own audit reports is also up. To the 9% who want to conduct risk assessments but are stymied by uncooperative vendors, we say consider that resistance a big red warning flag.
One area where we saw surprisingly little movement is mobile security: 25% say smartphones and tablets represent a significant threat, up just a tick from 24%. Loss or theft is IT’s greatest concern, and for good reason, since end users are more likely to leave a tablet in a cab than they are to download a malicious app. That’s why mobile device management software that can remotely wipe data, protecting the organization from a potentially messy information leak, is so critical.
Another constant among our respondents is perceived cloud risks. Top worries include leaks of customer data and security defects in the providers’ systems, unchanged from last year…