Over 40% of IT professionals ignore critical security issues they can’t fix

Bob Egner of Outpost24

Outpost24, a provider of Vulnerability Management solutions for commercial and government organisations, announced the results of a survey of 155 IT professionals, which revealed that 42% ignore critical security issues when they don’t know how to fix them (16%) or don’t have the time to address them (26%).

The survey, which was carried out at the RSA Conference in April 2018, also asked respondents what area of their IT estate they consider to be the least secure. This revealed 25% are most concerned about their cloud infrastructure and applications, 23% are most concerned about their IoT devices, 20% said their mobile devices, 15% said their web applications, while 13% were most concerned about their data assets, databases and shares. Owned infrastructure and data centres seems to cause the least concern, with only 5% saying they were least secure.

Additionally, when survey respondents were asked how quickly their company remediates known vulnerabilities, 16% stated they review their security at a set time every month, 7% said they do it every quarter, however a worrying 5% said they only carry out assessments and apply fixes once or twice a year. Only 47% of organisations patch known vulnerabilities as soon as they are discovered.

“The trend lines have already been drawn, and we can see from the survey results that they are not improving,” said Bob Egner, VP at Outpost24. “Our survey results suggest that businesses are adding technology as a key element of their strategy but not preparing their security teams with the skills and resources to keep up. It’s vital that organisations have full awareness of all assets that the business relies on, and that they are constantly tuning for the lowest possible level of cyber security exposure.”

Respondents were also asked if security testing is conducted on their enterprises systems, which revealed that 7% fail to conduct any security testing whatsoever, however, reassuringly, 79% of respondents said they do carry out testing. Respondents were also asked if their organisation had hired the services of penetration testers and 68% revealed they had. The study also found that of those organisations that had hired penetration testers, 46% had uncovered critical issues that could have put their business at risk.

Egner added: “Outsourcing services like penetration testing can be an excellent way to get a holistic overview of the cyber security exposure across an organisation’s assets as well as expose threats within systems that may well have gone unnoticed. To maximise the value of testing investment, remediation action should be taken as close to the time of testing as possible. With the proliferation of connected technologies, the knowledge and resource gap continue to be key challenges. Security staff can easily become overwhelmed and lose focus on the remediation that can be most impactful to the business.”

Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Scality’s 2022 forecast: Storage solutions get AI/MLOps upgrade, enhanced ransomware protection

Posted on: December 8, 2021

London, UK. 7 December 2021 – Scality announced its data storage predictions for 2022, coming off a year when ransomware attacks have exploded, skills shortages remain, and cloud adoption continues. This year’s forecast homes in on how storage solutions will evolve to meet these challenges and how emerging technologies will impact the data storage landscape.

Read more

Virtana free tier offering lets enterprises experience simplified hybrid cloud optimisation at no cost

Posted on: December 8, 2021

Virtana announced the immediate availability of a free version of Virtana Optimize, its cloud optimisation solution. The Free Tier offering complements the Premium version of Virtana Optimize, allowing for frictionless customer adoption.

Read more