Mumbai: A recent security report by digital security company Gemalto has pointed out that a majority of IT employees working in organisations are not confident regarding internal data protection after incidents of repeated data breach.
The third annual Data Security Confidence report released on Wednesday is based on a world-wide survey of 1,100 IT decision makers, working in different organisations.
While 61 per cent said their perimeter security systems (firewall, IDPS, AV, content filtering, anomaly detection, etc.) were very effective at keeping unauthorized users out of their network, 69 per cent said that they are not confident regarding their organisation’s perimeter security, which they feel can be easily compromised during the incident of a data breach.
In retrospect, around 66 per cent people believed that security was not tight in 2015, which was even lower at 59 per cent in 2014. Furthermore, 66 per cent believe unauthorized users can access their network and nearly two in five (16 per cent) said unauthorized users could access their entire network.
To give a brief understanding of the consequences of data breaches, more than 3.9 billion data records worldwide has been lost or stolen since 2013.
"This research shows that there is indeed a big divide between perception and reality when it comes to the effectiveness of perimeter security," said Jason Hart, Vice President and Chief Technology Officer for data protection at Gemalto.
"The days of breach prevention are over, yet many IT organizations continue to rely on perimeter security as the foundation of their security strategies. The new reality is that IT professionals need to shift their mind set from breach prevention to breach acceptance and focus more on securing the breach by protecting the data itself and the users accessing the data,” he added.
Perimeter security important, not full proof
The survey also highlighted the fact that 78 per cent of IT decision makers had adjusted their strategies as a result of high profile data breaches, which is 7 per cent higher than the figure in 2015 and 25 per cent more than the number in 2014.
Approximately 86 per cent said they had increased spending on perimeter security and 85 per cent believe that their current investments are going to the right security technologies.
However, all is not hunky dory when it comes to perimeter security, as the findings revealed that 64 per cent organisations were victims to data breaches over the past five years.
In the last five years, organizations that have suffered a perimeter security breach experienced costs of over $1.1million, and more than 24 per cent of surveyed IT decision makers believe that over 5 per cent of their organization’s IT budget has been lost on detecting and fixing breaches in their perimeter security.
Adding to this already-ill score, 27 per cent testified that their organisations had experienced a breach in the last 12 months; a similar scale of people said the same for instances in 2015.
This clearly shows that organisations have not yet enhanced security systems despite increased investments in uplifting perimeter security.
"While companies are confident in the amount of spending and where they are spending it, it's clear the security protocols they are employing are not living up to expectations,” said Hart
Explaining the need for a layered approach to security, he said, “While protecting the perimeter is important, organizations need to come to the realization that they need a layered approach to security in the event the perimeter is breached.”
By employing tools such as end-to-end encryption and two-factor authentication across the network and the cloud, they can protect the whole organization and, most importantly, the data," he added.
