Only a minority of 350 UK IT professionals surveyed by One Poll this quarter, on behalf of RedSeal, have said they could truthfully tell the board at their organisation they are secure from cyber-attack, with just 44% of respondents agreeing they could make this statement, while 36% said they couldn’t and 20% opted for don’t know.
Commissioned by network infrastructure and security firm RedSeal, the One Poll research also found that 30% of IT departments said they turn a blind eye to critical security vulnerabilities because they just don’t have the time or tools to sort them out, while 28% made a plea for more sophisticated tools to help them make sense of a deluge of data.
The survey questioned IT professionals from across the UK and from various sectors, with financial services (28%) and computing/electronics firms (13%) making up the largest sectors, alongside retail (7%) and transport/logistics (7%).
Of the sample, 41% of the IT professionals queried also stated they believe it is only a matter of time before there is a major cyber-attack against the UK’s critical national infrastructure, with visions of the cyber-attacks perpetrated against Lithuania in the past perhaps paramount in people’s minds.
Other key findings from report include:
• 51% of UK IT professionals said they couldn’t provide the board with key performance indicators (KPIs) to show what level of success or otherwise their investment in IT security systems was having in protecting networks against hackers, with 60% also stating they think the boardroom and IT departments ‘speak different languages’ with mutual incomprehension on all sides.
• 45% of companies don’t know if they are being hacked because their systems are so overloaded with data they cannot quickly pinpoint cyber-attacks. The delay in identifying the risk could prove costly.
• Only 32% of respondents claim to have visibility into their global network and the ability to print a map of their current network topology; the lack of which could explain the inability to spot hack attacks quickly.
Commenting on the findings, Parveen Jain, chief executive officer (CEO) at RedSeal, said: “It’s pretty clear that the majority of today’s UK companies just don’t have enough visibility into their networks and therefore don’t know enough about what needs protecting and what doesn’t. We often see major corporations being attacked day in and day out, but as they don’t have a full understanding of their IT infrastructure security weaknesses and risk gaps they don’t know how to put up a defence.”
“The cyber-criminal community knows that companies are overwhelmed with too much data and don’t have the resources or tools to protect their most valuable assets, so they take advantage of the weak spots,” continued Parveen. “Our advice is to utilise automated solutions, so that you can hone in on the vital vulnerable data with actionable intelligence. This way IT departments can get visualisation of their end-to-end network security architecture, enabling them to defend their systems against sophisticated cyber-attacks.”
By Neil Ainger