UK organisations leave critical data open to hacker attack

16 August 2007

research reveals level of encryption for network traffic falls below recommended levels

39 Thirty-nine per cent of UK organisations admit they are protecting less than a quarter of their network traffic, according to the annual security survey conducted by SafeNet, Inc.

The global leader in information security surveyed 1,200 IT directors and security professionals from government agencies, financial services and retail organisations, about their encryption and security policies. It revealed five per cent, or one in twenty 20 UK organisations, have no security measures at all to protect the data crossing their networks. This compares to a similar level of six per cent in 2006.

However, the survey showed that the overall levels of network protection are falling, as 34 per cent of organisations were found to encrypt between one and 25 per cent of their data. In comparison, only 26 per cent of organisations admitted such low security measures in 2006, demonstrating an eight per cent increase in the number of companies not taking adequate steps to encrypt their data.

“The level of encryption required will obviously vary from organisation to organisation, but companies should be looking to encrypt as much on average network traffic as possible, if not all of it,” said Gary Clark, VP EMEA, SafeNet. “However, I am concerned to see that the number of organisations implementing security measures and encryption policies has decreased over the past twelve 12 months.”

Worryingly a point of concern is that, 17 per cent of the senior executives were not sure of encryption rates for their network data, suggesting that security issues are not the priority they need to be and awareness of security is not at the level it should be among top-level management.

“With the increase in mobile and remote working, mission-critical data is flowing freely both inside and outside the firewall so . So cyber-criminals have more opportunity – as well as the resources – to access and take advantage of sensitive data,” Clark continued. “But this does not have to be the case if the appropriate security strategy and technology is are introduced.”

“Information is the lifeblood of any organisation, and companies must constantly assess and amend strategies to protect this or prepare to face the consequences,” concluded Clark.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development