IT Security Survey Shows Company Size and Maturity Level are Crucial for Security Readiness
Versasec Study Shows SMEs are Bound by Small Security Budgets, Lack of Information.
New York, NY, April 01, 2016 --(PR.com)-- When it comes to securing their data, small- and mid-sized enterprises (SMEs) remain several steps behind their larger counterparts. That's according to a recent poll of IT professionals conducted by Versasec, the leader in smart card management systems. Nearly 75 percent of the respondents work for companies with fewer than 1,000 employees.
Some reasons for the disparity in security readiness may be that SMEs have not as often been the targets of hackers, privately held companies don't face the same pressures for security as do their public-company counterparts, and that they simply may have pushed off the issue, according to Joakim Thorén, Versasec's CEO.
But as larger companies become increasingly sophisticated around security, hackers are re-aiming their sites at smaller companies, and many are simply not prepared. For instance, of those surveyed, nearly 40 percent admitted they would like to better understand smart card management tools to help them meet their company's security needs.
Other key findings of the study, which polled information technologists in a broad range of industries, included the following:
* Mobility is daunting: Respondents from companies of all sizes cited mobility as the technology that poses the greatest security concern for them (43 percent). Other concerns include cloud usage (32 percent) and external devices/BYOD implementations (22 percent). The crux here, however, is that although SMEs are mature enough to recognize these security challenges, they may not be ready yet to invest in addressing them, as is evidenced by the next data point.
* Network security is a key focus: Survey respondents said network security, at 74 percent, was where they are focusing their security efforts this year. Other key areas for investments in security include physical security (43 percent), two-factor identification (41 percent), and cybersecurity (37 percent).
* Heavy reliance on simple security: The vast majority of respondents (86 percent) say username and password are a primary method for authenticating access to their company's data, despite the very public breaches faced by many companies over the last few years. Physical smart cards are in use at slightly more than half the companies (54 percent). Other methods the companies said they use include public key infrastructure (43 percent) and one-time password (31 percent). Biometrics and virtual smart cards are distant followers, at just 16 percent and 12 percent, respectively.
* Budgets are not security focused: Slightly more than 40 percent of those surveyed said their companies have committed just 0 percent to 10 percent of their IT budget on security for 2016. Approximately 36 percent said security spending this year would consume between 10 percent and 25 percent of their budget. An additional 12 percent said they would spend between 25 percent and 50 percent of their budget on security.
"It will be interesting to look at these numbers in a year's time and see whether the SMEs are stepping up their security spend, and why," Thorén said. "For now, we are encouraged to see the interest in using smart cards as it's the easiest and most cost effective way for securing a company's IT domain today."
Some reasons for the disparity in security readiness may be that SMEs have not as often been the targets of hackers, privately held companies don't face the same pressures for security as do their public-company counterparts, and that they simply may have pushed off the issue, according to Joakim Thorén, Versasec's CEO.
But as larger companies become increasingly sophisticated around security, hackers are re-aiming their sites at smaller companies, and many are simply not prepared. For instance, of those surveyed, nearly 40 percent admitted they would like to better understand smart card management tools to help them meet their company's security needs.
Other key findings of the study, which polled information technologists in a broad range of industries, included the following:
* Mobility is daunting: Respondents from companies of all sizes cited mobility as the technology that poses the greatest security concern for them (43 percent). Other concerns include cloud usage (32 percent) and external devices/BYOD implementations (22 percent). The crux here, however, is that although SMEs are mature enough to recognize these security challenges, they may not be ready yet to invest in addressing them, as is evidenced by the next data point.
* Network security is a key focus: Survey respondents said network security, at 74 percent, was where they are focusing their security efforts this year. Other key areas for investments in security include physical security (43 percent), two-factor identification (41 percent), and cybersecurity (37 percent).
* Heavy reliance on simple security: The vast majority of respondents (86 percent) say username and password are a primary method for authenticating access to their company's data, despite the very public breaches faced by many companies over the last few years. Physical smart cards are in use at slightly more than half the companies (54 percent). Other methods the companies said they use include public key infrastructure (43 percent) and one-time password (31 percent). Biometrics and virtual smart cards are distant followers, at just 16 percent and 12 percent, respectively.
* Budgets are not security focused: Slightly more than 40 percent of those surveyed said their companies have committed just 0 percent to 10 percent of their IT budget on security for 2016. Approximately 36 percent said security spending this year would consume between 10 percent and 25 percent of their budget. An additional 12 percent said they would spend between 25 percent and 50 percent of their budget on security.
"It will be interesting to look at these numbers in a year's time and see whether the SMEs are stepping up their security spend, and why," Thorén said. "For now, we are encouraged to see the interest in using smart cards as it's the easiest and most cost effective way for securing a company's IT domain today."
Contact
Versasec
Marianne Dempsey
+1 (508) 475-0025x115
http://versasec.com
Marianne Dempsey
+1 (508) 475-0025x115
http://versasec.com
Contact
Categories