11 May 2012

IT Security Pros Fail on Risk Strategies, While Thinking They Are on Track

IT security pros in Europe have significant gaps in their company risk strategies, despite thinking they are on track. According to a recent research from HP, 79 percent of security professionals believe they have an information security risk plan in place, but only 14 percent are confident they have a complete picture of their security.

"These results indicate that security professionals are not as aware as they think about the real state of their security, or what they should be doing in order to protect themselves from ever developing threats," said Jennifer Lake, security product marketing manager at the company.

“Security professionals should be developing an intelligent approach to enterprise security, rather than simply securing an organisation’s perimeter.”

The survey also determined the top three information security risks for organisations. The respondents said they were worried about staff inadvertently breaching security (19 percent), mobile devices (18 percent), and malware and viruses (17 percent).

The study also revealed that almost 90 percent of IT pros believe they have governance mechanisms in place to drive right user behaviors and monitor adherence, but 43 percent aren’t confident that they have visibility of risk within their organisations.

For the research, 500 security professionals were questioned at the recent InfoSecurity Europe conference in London.