An overwhelming 80% of companies say that “end user carelessness” constitutes the biggest security threat to their organizations, surpassing the ever-present peril posed by malware or organized hacker attacks .
Additionally, 65% of businesses do not calculate the cost or business impact of security-related downtime and over 30% of firms are unable to detect or defend against a security breach in a timely manner when one does occur.
Those are among the top findings of the ITIC/KnowBe4 “2013 – 2014 Security Deployment Trends Survey.” The joint independent Web-based survey polled 500 organizations during October/November 2013 on the leading security threats and challenges facing their firms and their top priorities over the next 12 to 18 months. In order to maintain objectivity, ITIC and KnowBe4 accepted NO vendor sponsorship and none of the respondents received any remuneration for participating.
The data indicates that IT departments are hard pressed to stay abreast of myriad security issues which represent just one portion of their overall job responsibilities. Some 44% of survey respondents said their IT departments and security professionals spend less than 20% of their time on daily operational security. Another 32% said they devote 20% to 40% of their time on security. Only 20% of participants dedicate a significant portion of their daily and weekly administrative activities to securing their systems and networks.