Security, particularly when it comes to business environments has seemingly climb to the top of most boardroom agendas the world over.
That’s what we were lead to believe at least, but a recent survey conducted by McAfee Enterprise and FireEye among IT professionals, confirms that most businesses are still not prioritising as they should.
The survey, titled Cybercrime in a Pandemic World, gathered the feedback from 1 451 IT professionals (September to October 2021) spread out between the US, UK, Australia, France, Germany, India, Singapore, South Africa and the UAE, looking at organisations with 500 or more employees.
The most concerning finding from the survey is that 97 percent of professionals believe that there is not enough emphasis on security within their business environments.
Given how cybercrime has surged during the pandemic, one would think that securing the business environment would be all that a business will be thinking about, but apparently not.
“This is despite the fact that 90% of these professionals feel that their industry has experienced an increase in cyber threats since the onset of COVID-19 in early 2019, with data breaches, malware attacks, and phishing scams being the three cyber risks seen to be most threatening,” highlights McAfee Enterprise in a press release sent to Hypertext.
“Sixty-three percent of these professionals add that there should be more emphasis on employee training and awareness about cybersecurity issues, with 61% saying that there should be more resources allocated towards planning for how to efficiently respond to them,” it adds.
With an estimated 41 percent of people planning to continue some form of remote or hybrid working moving forward, educating employees about what to look out for has become crucial for IT security professionals.
Added to this, is fostering a culture of taking ownership when it comes to security, with cloud vendors in particular not necessarily as concerned with the data of your businesses’ data and systems as you may be, according to McAfee Enterprise.
“With four in ten local companies choosing to specify their own combination of cloud security, advanced threat security, endpoint security, and mobile security solutions, many are doing so by trusting the security solutions provided by their web services or data centre service providers, and in turn, have a false sense of security about the extent of their true protection,” explains Carlo Bolzonello, country manager for McAfee Enterprise in SA.
“These platform-owned security solutions are not those vendors’ core business, which means that they are less likely to have the insight and experience of a specialist security provider. Some level of protection is certainly better than having no protection at all, but a security solution provided by a web or data centre service platform cannot compete – or provide the same level of security and peace of mind – that a specialist vendor can,” he stresses.
Planning is therefore the crucial next step that business must take. Many of well aware of the risks and threats that exist, have acquired the necessary systems to safeguard the environment, but do not have a working plan in place in the event of an attack or breach.
Added to this, is a distinct lack of effort in education and enforcing good security practices with employees.
“It’s all very well having the best tools in the business, but if you haven’t read the user’s manual or practiced what to do in an attack scenario, including communicating to affected stakeholders, chaos will ensue,” warns Bolzonello warns.
“Avoiding this will protect your brand’s reputation among key stakeholders, too,” he concludes.
[Image – CC 0 Pixabay]
