At least 90% of CIOs and CTOs believe the job of keeping the enterprise protected is more challenging than ever before.
According to new research from Fortinet, serious boardroom pressure to keep the enterprise secure has jumped almost one-third in the last 12 months, making security paramount and a primary consideration over other business initiatives.
The independent survey was commissioned by Fortinet of over 1,600 enterprise IT decision makers (ITDMs), largely from 500+ employee organisations around the world. All respondents were sourced from independent market research company Lightspeed GMI’s online panel.
Survey highlights include:
* Among IT decision makers recording the highest boardroom pressure, 63% admit abandoning or delaying at least one new business initiative because of IT security concerns.
* The increasing frequency and complexity of threats (88%) and the new demands of emerging technology like the Internet of Things (IoT) and biometrics (88%) pose the biggest challenge to ITDMs to keep their organisations secure.
* The majority of ITDMs have been provoked into action by rising data privacy concerns (90%) and securing big data initiatives (89%); in the majority of cases this means new IT security investment.
The growing awareness of IT security within the boardroom – and its resulting pressure and involvement – was cited as a major contributor to making the IT security job more difficult, with three-quarters rating awareness of senior management as ‘high’ or ‘very high’ today, up from barely 50% one year prior.
The survey also unveils that a total of 53% of all ITDMs surveyed have slowed down or cancelled a new application, service or other initiative because of cyber-security fears. The figure is 63% among those reporting a very high level of boardroom pressure and scrutiny around IT security. Mobility related applications and strategies are the biggest sticking points, with cloud also scoring high.
The rising volume and complexity of advanced persistent threats (APT), DDoS attacks and other cyber threats, and the demands of emerging technology trends like Internet-of-Things and biometrics, are the most prevalent drivers making ITDMs’ jobs more challenging. There is a big expectation across industry sectors for biometrics to arrive very soon, with 46% claiming the technology has already landed or will do so in the next 12 months.
Two-thirds say they already have the tools to ensure it can be managed securely. Of the third that doesn’t feel prepared today, one-third of those believe they will struggle to secure biometrics in the future as well.
The high profile issues surrounding data privacy are provoking action, with 90% of ITDMs planning to change their outlook on IT security strategy in response. Of these, 56% are inclined to invest more money and resources to address the challenge, with 44% preferring instead to rethink existing strategy.
Meanwhile big data and data analytics were cited by 89% of respondents as a change driver for IT security strategy, with 50% of these planning investments.
Industry sectors with the highest predisposition to invest in IT security were financial services (53%) and telecoms/technology (59%). The research also indicated organisations of greatest size have the greatest tendency to invest.
When asked if they had been provided with sufficient human and financial resources for IT security in the last 12 months, four out of five ITDMs said yes. A total of 83% feel they will also have sufficient resources in the next 12 months. Most industry sectors carried this trend, for example with public sector going from 74% to 77% and retail from 80% to 81%.
Financial services sector ITDMs feel best equipped (87% for the next 12 months), though their trend is downward (89% for the past 12 months).
“With IT security on the boardroom agenda, this and other challenges are clearly adding weight onto the shoulders of senior IT professionals and questioning the ability of some organisations to exploit innovation while remaining secure,” says John Maddison, vice-president of marketing products at Fortinet.
“These organisations must act now to address the impact of the growing threat environment and increased scrutiny on IT security, re-evaluating their goals to ensure they strike the right balance and achieve resilience in the face of cyber threats.”
The good news is that many are positive and feeling well equipped with human and financial resources for the IT security challenges that lie ahead. However, to do so points toward intelligent new strategies and more investment in security technologies.”