IT pros warn of inadequate company security

Data security

The majority of security professionals do not believe their organisations are capable of dealing with serious threats, research has shown.

More than two-thirds of the 488 IT workers surveyed by the Ponemon Institute said their companies did not have the resources needed to deal with potentially major attacks.

Two-thirds claimed security is not considered as mission critical to their organisation's business success.

At a press event today, F-Secure's Tom Gaffney agreed not all companies take security seriously, as shown in the results.

Firms need to recognise, however, that "prevention is cheaper than the cure," he said.

Gaffney expressed concerns over whether top level executives will ever recognise how important security is.

"I am very skeptical they ever will. That is the reality we have seen already in the desktop world," he told IT PRO. "I don't think it will be just one event that will change things."

When mandatory reporting comes into UK law and firms are forced to disclose breaches, that will make "an enormous difference" to how firms manage security, Gaffney added.

A more positive result from the report, according to Vodafone's head of IT security Brian Burton, is the correlation between how the respondents said they deal with standard protection and how mobile devices are secured.

Over half of respondents rated anti-virus and anti-malware as top technologies for decent return on protection (RoP) a similar model to return on investment but based on estimates of how much companies could avoid paying for breaches, rather than actual revenue seen from investment.

A similar percentage said the mobile versions of those technologies are capable of offering a very high RoP.

"There is no real difference in how you secure information across devices," Burton said. "The perception is there that we shouldn't be treating these devices differently."

The business case for greater mobile protection is likely to gather pace after vulnerabilities in smartphone devices were recently uncovered, notably the SMS Trojan affecting Android.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.