CompTIA 10th Security Study

311 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
311
On SlideShare
0
From Embeds
0
Number of Embeds
43
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

CompTIA 10th Security Study

  1. 1.      CompTIA  Member  Services,  LLC        IT  Security  Still  a  Critical  Area  After  a  Decade  of  Study  CompTIA’s  10th  Annual  Information  Security  Trends  study  comes  at  a  time  of  dramatic  change  in  the  IT  industry.  Cloud  computing,  mobility,  and  big  data  are  altering  the  landscape  and  causing  technology  to  be  ingrained  in  business  operations  like  never  before.  Yet  security  remains  a  high  priority,  even  among  these  trendy  topics.  Four  out  of  five  companies  place  a  higher  priority  on  security  today  than  they  did  two  years  ago,  and  PricewaterhouseCoopers  estimates  that  global  cybersecurity  spending  hit  $60  billion  in  2011.    As  companies  take  actions  to  address  new  trends  in  technology—such  as  detailed  reviews  of  cloud  provider  security—they  are  also  finding  that  new  technology  is  causing  end  users  to  play  a  more  prominent  role  in  security  schemes.  End  users  are  important  because  the  human  element  is  playing  a  larger  part  in  security  breaches.  Not  only  does  it  contribute  to  over  half  of  root  cause  of  breaches,  but  46%  of  companies  also  see  it  becoming  more  of  a  factor  over  the  past  two  years.  The  top  source  of  human  error  is  end  user  failure  to  follow  procedure.  It  is  difficult  for  a  product  to  adequately  address  this  issue,  so  companies  must  consider  new  ways  of  educating  their  workforce.  Instead  of  one-­‐time  training,  companies  should  build  programs  that  are  ongoing  and  interactive,  with  metrics  that  track  effectiveness.  Another  source  of  error  could  be  the  IT  staff.  While  nearly  6  out  of  10  companies  believe  their  staff  has  an  appropriate  level  of  expertise,  companies  are  aware  that  skills  gaps  exist  in  areas  such  as  cloud  security,  mobile  security,  and  data  loss  prevention.  These  gaps  can  be  closed  with  training  and  certification—84%  of  companies  report  a  positive  ROI  from  certifying  their  staff.  The  IT  channel  can  also  play  a  role  in  improving  the  security  posture  for  organizations.  Three  fourths  of  channel  firms  are  involved  in  security  in  some  form,  with  18%  offering  security  as  a  stand-­‐alone  product  or  service.  As  with  other  areas  of  technology,  channel  firms  are  looking  for  ways  to  offer  security  in  a  recurring  revenue  model.  This  could  be  offering  cloud  security  products  in  place  of  traditional  on-­‐premise  hardware  or  software,  or  it  could  be  offering  security  as  a  managed  service.  Education  for  end  users  represents  a  prime  opportunity  here  if  channel  firms  can  build  effective,  ongoing  training  programs.  Addressing  this  important  topic  is  also  good  business:  66%  of  channel  firms  involved  with  security  expect  security-­‐related  revenue  to  grow  in  the  next  year,  with  16%  expecting  significant  growth  of  10%  or  greater.  CompTIA’s  10th  Annual  Information  Security  Trends  study  was  developed  from  a  survey  of  500  end  user  firms  and  368  channel  firms  in  the  US.  The  data  was  collected  during  September/October  2012.  The  full  report  is  available  at  no  cost  to  CompTIA  members.  Visit  www.comptia.org/research  or  contact  research@comptia.org  for  details.  Human&Element&a&Major&Part&of&Security&Risk&Factors(in(Security(Breaches(54%(46%(Human(Error(Technology(Error(Top(Human(Error(Sources((49% &End&user&failure&to&follow&&policies&and&procedures&(36%& &IT&staff&failure&to&follow&&policies&and&procedures&&34%& &General&carelessness&&regarding&security&&34% &Lack&of&security&experBse&&with&website/applicaBons(Source:&CompTIA’s&10th%Annual%Informa0on%Security%Trends%study&Base:&308&end&users&experiencing&security&breaches&

×