Most organizations lack visibility into user activity and management of sensitive data, according to the 2017 IT Risks Report from hybrid cloud security software company Netwrix.
The 2017 IT Risks Report, which included responses from 723 IT security professionals, indicated 89 percent of organizations said they use only "basic" IT security solutions. In addition, 26 percent of study respondents noted they are ready to handle IT risks, Netwrix said.
The 2017 IT Risks Report highlighted IT risks that organizations face on a daily basis, what processes and resources they have to manage these risks and organizations’ readiness to deal with cybersecurity threats, according to Netwrix.
Key Report Findings
Key report findings included:
- 74 percent of respondents said they are "not well prepared to beat IT risks," with the primary obstacles being lack of budget (57 percent) and lack of time (54 percent).
- 66 percent said they view employees as the biggest threat to system availability and security, but only 36 percent indicated they are fully aware of employees' actions.
- 65 percent stated they do not have dedicated personnel responsible for cybersecurity.
- 56 percent subject to compliance noted they delegate cybersecurity management to their IT operations teams.
Organizations that already have visibility into user activity reported that it "greatly benefits their security initiatives," Netwrix CEO Michael Fimin (pictured above) said in a company statement.
In fact, these organizations often avoid cybersecurity issues such as data breaches, system unavailability and audit failures, Fimin pointed out.
Are Visibility and Control of IT Infrastructures on the Decline?
Multiple security reports in recent months suggest companies are underfunding security (see VIPRE's security report) or suffering from lack of visibility and control of today's IT infrastructures (Fortinet's research showed).
Fortinet's Global Threat Landscape Report indicated several factors have "stretched (IT) security professionals past their limits," including:
- Growth of the Internet of Things (IoT).
- Out-of-band threat vectors like shadow IT.
- Rush to adopt private and public cloud solutions.
- Variety and volume of smart devices connecting to networks.
Eighty percent of organizations reported high or critical-severity exploits against their IT systems in the first quarter 2017, according to the Global Threat Landscape Report.
Also, 10 percent of organizations discovered activity associated with ransomware in the first quarter, and an average of 1.2 percent said they found ransomware botnets running somewhere in their IT environment, the Fortinet report revealed.