What a difference a year makes. When Lancope conducted a survey of IT professionals at Infosecurity Europe in 2013 it seemed as if the majority were either completely oblivious, or just in denial about the state of the security landscape. Lancope surveyed IT professionals again this year, and found much more of them in touch with the reality—and gravity—of the situation.
Lancope found that the concern over BYOD security has declined dramatically—50 percent of respondents cited it as a top concern last year, but only 30 percent this year. However, the threat of insider attacks, or insiders compromising or exposing data rose from 32 percent in 2013 to 40 percent this year. The first trend may be a reflection of maturing BYOD programs and better IT tools to manage and protect BYOD mobile devices, while the second trend is likely a response to the Snowden NSA revelations and concerns over how an employee was able to exfiltrate so much valuable and sensitive data undetected.
The good news from this year’s study is that there seems to be much greater awareness. In 2013 65 percent of the respondents claimed they had not, or were not sure if they had experienced any security incidents in the prior 12 to 18 months. That number dropped to 39 percent this year. Only 18 percent of survey participants admitted to suffering from a malware attack in last year’s survey, but this year that number jumped to 42 percent.
“It is not likely that the change in these numbers indicates a dramatic rise in attacks now versus last year,” said Tom Cross, director of security research for Lancope, in a blog post. “What it likely indicates is that people are more aware of the attacks their organizations are suffering from, especially since it was the number of respondents ‘not knowing’ that so sharply declined. This may mean that organizations are tracking security incidents more carefully and that they have increased the level of internal communication they are engaged in. This greater level of internal awareness is important in order for IT security efforts to receive the financial and political support that they need.”
Lancope also found increased awareness and concern about APT (Advanced Persistent Threats), brand or organizational reputation—and the impact of data breaches on reputation, and security in the cloud.
You can view the complete survey, and results by clicking here.
What do you think? How would you have answered these survey questions? Do you think the results are an accurate representation of the state of security?