Blog Date: 12/6/2016
Author: Ray Coulombe
From April 4, 2016 to June 3, 2016, PricewaterhouseCoopers (PWC), and CXO Media (publications CIO, and CSO) conducted “The Global State of Information Security Survey 2017. While clearly meant for the IT sector, I found several areas of interest to the broader security market.
48% of IT services are delivered via the cloud – So, with IT departments placing more of their services in the cloud, it’s no surprise that electronic security will follow. Cloud security offered by the most reputable ISP’s are arguably more secure than most private clouds.
62% of respondents use managed security services for initiatives like authentication, identity and access management, real-time monitoring and analytics, and threat intelligence – This is good news, indeed. But what’s going on with the other 38%? There’s no excuse for not using today’s available technology.
57% employ biometrics for authentication – It’s great to see multi-factor authentication really taking hold. (Thank you, Apple.) I’ll be shocked if this number is not 10 points higher next year.
51% employ Big Data for cybersecurity - Big Data is one of the best technical tools for cyber defense. I sincerely hope that the tools and pricing can be brought to a point where the masses (i.e., SMB’s) can participate.
48% conduct vulnerability assessments, 47% conduct threat assessments, 44% conduct penetration testing – I lumped these together, because collectively they prompt a big “Shame on you” to the other 50+%.
38% of survey respondents reported phishing scams, making it the top vector of cybersecurity incidents – This is low hanging fruit. Education, training, ongoing awareness campaigns should all be part of an ongoing effort to be suspicious as hell about unsolicited links, files, images, etc., even if purported to be from someone you know well.
28% of survey respondents reported security compromises of mobile devices – I would be interesting to see a further breakdown of causes, which could include insufficient passwords, use of public Wi-Fi in the clear, bad apps, etc.
60% of respondents who use managed security services tap their service providers to handle identity and access management – This is good news, as third party providers probably do a better job using latest available technology.
23% plan to invest in artificial intelligence and machine learning this year – Having written about this several times this year, there is no doubt that this is a highly impactful technology. Good to see it moving beyond the early adopter phase.
46% are investing in an IoT security strategy, up 10 percent from the previous year – The sooner the better, as this area is on the verge of spiraling out of control!
For the complete report, click here.