Newly released survey data from Tenable Network Security, Inc. has revealed that most German and UK organisations acknowledge shadow IT as a major security concern, but Germany reported more cyberattacks through shadow assets.
Survey data showed that 88% of IT decision makers in UK and German organisations feel shadow IT makes them more vulnerable to cyberattacks. 55% of UK respondents and 57% of German respondents said that shadow IT has been introduced into their organisations’ environments.
Of the organisations currently affected by shadow IT, 65% of German IT decision makers said the use of unknown or shadow assets and applications has directly led to a cyberattack within the last 12 months, compared to 45% in the UK.
“The presence of unknown or undiscovered assets makes it difficult for security teams to identify and manage the available attack surface,” said Gavin Millard, EMEA technical director, Tenable Network Security. “If organisations want to stay ahead of the curve they need security solutions that provide the continuous visibility required to stop shadow IT from becoming an attack vector.”
When it comes to which departments are deploying shadow IT, UK and German respondents identified engineering (30%), design/R&D (27%) and finance (25%) as the three most egregious offenders.
“The fact that many respondents are feeling the pain of shadow IT isn’t a surprise to the industry, but the numbers were much higher than we expected,” said Millard. “The foundation of security is having insight into what’s in use on the network and it’s important that security and operations embrace the needs of the business or they will continue to remain vulnerable to cyber threats.”
According to the research, which was conducted by Vanson Bourne on behalf of Tenable, 38% of UK respondents and 50% of German respondents expect the use of shadow IT in their organisations to increase in the next year.
Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow