Attacks/Breaches

1/18/2019
11:20 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Syncsort Survey Finds Disconnect Between Confidence in IT Security Programs and Data Breaches

Despite an Optimistic Security Outlook, 61 Percent of Organizations Report They Have Either Experienced a Security Breach or Aren't Sure

Pearl River, NY – January 10, 2019 -- Syncsort, the global leader in Big Iron to Big Data software, today announced results from a survey exploring companies’ top IT security investments and challenges. The survey revealed a sizable gap between confidence in security programs and their effectiveness

The survey of over 300 respondents found that while 85 percent of respondents are either very or somewhat confident in their organization’s security program, 41 percent said their company had experienced a security breach and 20 percent more were unsure.

The survey also uncovered several challenges and liabilities in security practices that contradict their high levels of confidence.

IT Infrastructure Knowledge and Security Investments Reveal Vulnerabilities Around Newer Data Sources

  • Respondents had firsthand knowledge of security for Windows servers (69%), followed by network infrastructure (54%).
  • In contrast, only seven percent were familiar with newer, but widely-adopted data storage options like Hadoop data lakes.

Cloud and Compliance Are Security Challenges

  • Twenty-eight percent of respondents named adoption of cloud services as their top security-related challenge, followed by growing complexity of regulations (20%) and insufficient IT security staffing (19%).
  • The regulation most respondents had to adhere to was GDPR (37%), followed by HIPAA and SOX (32% each).
  • Security (42%) and cloud computing (35%) are organizations’ top two IT priorities in the coming year.

Most Organizations Only Perform Security Audits Annually

  • Thirty-two percent of responding organizations only perform security audits annually, while 23 percent do so every three months and 19 percent every six months.
  • The most popular areas examined in audits include application security (72%), backup/disaster recovery processes (70%), network security (69%), antivirus programs and password policies (67% each).

Organizations Are Investing in Security, but Mostly Around Basic Measures

  • Almost half of respondents (46%) reported increased spending on security-related technology over the past three years. Thirty-five percent (each) developed or significantly updated a security program and increased spending to support cybersecurity initiatives.
  • The top three security investments include network firewall (69%), virus protection (66%) and malware protection (65%), while investments in newer approaches like data tokenization (18%) are starting to emerge.
  • In the coming year, 39 percent plan to invest in internal staffing and skills, while 23 percent plan to invest in intrusion prevention and 21 percent in patch management.

Data Breaches Are Common, and Most Organizations Don’t Meet Breach Response Metrics

  • Forty-one percent of organizations have experienced data breaches, while 39 percent have not, and 20 percent say they don’t know.
  • The most common type of breaches were virus/malware attacks (76%) and phishing (72%). Interestingly, virus attacks came from internal sources roughly half the time while phishing usually came from external sources (78%).
  • Fifty percent of breaches were identified in less than a day, while 26 percent were identified in less than a week.
  • Mean time to respond was the breach metric most often met (41%), followed by mean time to resolve (35%).
  • Following a breach, companies’ most common action was to increase training for IT staff (43%).

“The good news is most organizations are auditing their security systems,” said Terry Plath, Senior Vice President, Support and Services, Syncsort. “The bad news is more than two-thirds of audits are done by in-house staff – meaning they’re more likely to be biased – and only once per year. This may not be enough to keep up with the newer and more sophisticated approaches malicious hackers are constantly developing. The bottom line is that data security requires increased focus from IT organizations, particularly against the backdrop of increasing compliance regulations and emerging data rights.”

For more information on the study results, register for our webcast, “The State of IT Security for 2019: Results from Syncsort’s Security Survey.”

Methodology

Syncsort polled over 300 respondents, 78 percent of whom have more than 100 employees at their organization. Participants represented a range of industries including government & public safety, education, financial services and healthcare.

About Syncsort

Syncsort is the global leader in Big Iron to Big Data software. We organize data everywhere to keep the world working – the same data that powers machine learning, AI and predictive analytics. We use our decades of experience so that more than 7,000 customers, including 84 of the Fortune 100, can quickly extract value from their critical data anytime, anywhere. Our products provide a simple way to optimize, assure, integrate, and advance data, helping to solve for the present and prepare for the future. Learn more at syncsort.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3474
PUBLISHED: 2019-02-20
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
CVE-2019-3475
PUBLISHED: 2019-02-20
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
CVE-2019-10030
PUBLISHED: 2019-02-20
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and earlier in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
CVE-2019-10030
PUBLISHED: 2019-02-20
A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through anoth...
CVE-2019-10030
PUBLISHED: 2019-02-20
A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message.