Companies Buy Good Security, But Fail to Deploy It Properly

Companies may be investing more in multilayered IT security solutions, as everyone says that they should, but once purchased those solutions are not being properly deployed.

A Lieberman Software survey has revealed that companies are putting their customers’ data at risk because IT teams don’t have the expertise or time to deploy complicated IT security products.

The results were a bit alarming; about 69 percent of respondents said that do not feel they are using their IT security products to their full potential. As a result, a staggering 71 percent of IT professionals believe this is putting their company, and possibly customers, at risk.

When survey respondents were asked why they don’t use their IT security products to their full potential, 62 percent revealed they either found the products too complicated to deploy, too time consuming to deploy, or didn’t think they had the expertise to properly deploy them.

“As zero-day attacks and other cyber threats evolve at a steady pace, many organizations are searching for new IT security solutions to defend against the latest wave of attacks,” said Philip Lieberman, president of Lieberman Software. “Unfortunately, these organizations often discover too late that the products they purchase cannot scale to large enterprise environments, or be deployed quickly enough to provide real defense. That creates a significant security deficit that leaves organizations at risk.”

The survey also showed that for most organizations, compliance trumps security. A full 61 percent of survey respondents admitted that their organization has deployed a security product purely to meet regulatory compliance regulations.

“Regulatory compliance requirements drive most implementations of IT security products,” said Leiberman. “However, compliance does not equal security. Despite the regulatory initiatives that most organizations are subject to, data breaches are now happening more frequently and becoming increasingly severe. There’s more to achieving real IT security than completing an auditor survey and marking a few check boxes. True security requires continuous measurement and correction in the face of the unrelenting cyber-threats that compliance mandates simply fail to anticipate.”

What’s Hot on Infosecurity Magazine?