In a survey commissioned by RedSeal Networks, and carried out by OnePoll, 55% of IT departments said that they cannot or do not know if they can truthfully assure executives that they are secure. And, 51% of IT professionals polled said that they could not walk into a board meeting and provide the board with key performance indicators to show what level of success their investment is having in defending the network against the hacking community.
When asked whether they felt as though they are losing a fighting battle against the cybercriminals, one-third agreed that they were playing a perpetual game of cat and mouse when it came to defending their systems. They also said that they felt that they can never catch up with the cyber-criminals.
The reasons for this seem to boil down to resources – a common theme when it comes to preparedness. Only 40% said that IT personnel and the board speak the same language, so that they get the budgets they need. The remaining 60% were not so sure. And accordingly, the survey found that 30% of IT departments admit that they have to turn a blind eye to critical security vulnerabilities because they just do not have the time or tools necessary, while 28% said they need more sophisticated tools to help them make sense of the deluge of data.
“The cyber-criminal community knows that companies are overwhelmed with too much data and don’t have the resources or tools to protect their most valuable assets, so they take advantage of the weak spots,” said Parveen Jain, CEO at RedSeal Networks, in a statement.
Respondents also said that visibility is an issue: 57% of respondents said that they have no visibility into their global network. In addition, 44% of companies just do not know or cannot answer if they are being hacked because their systems are so overloaded with data that they cannot pinpoint cyber-attacks.
“It’s pretty clear that the majority of today’s companies just don’t have enough visibility into their networks and therefore don’t know what needs protecting and what doesn’t,” said Jain. “We often see major corporations being attacked day in and day out, but since they don’t have a full understanding of their infrastructure security weaknesses and risk gaps, they don’t know where and how to put up their defenses.”