The latest news from e92plus
2018 Netwrix IT Risks Report
- Oct 3, 2018, 12:00 PM
- Alex Young
Read the Full Report here
For their third annual IT risks survey, Netwrix decided to completely revamp their approach and make an in-depth study of six major IT risks that are significant for most organizations: physical damage, intellectual property theft, data loss, data breach, system disruption and compliance penalties. They collected feedback from 1,558 organizations of various sizes from many different regions and verticals (see Appendix A for a detailed breakdown of the demographics).
Perhaps the most significant finding of the survey is the vivid discrepancy between organizations’ expectations and reality. Most companies consider hacker attacks to be the most dangerous threat, yet the evidence shows that insiders, acting accidentally rather than maliciously, cause the overwhelming majority of security incidents.
As expected, organizations plan to focus on improving protection and detection to mitigate the majority of risks. However, for compliance penalties, they say that identification of security risks is equally important.
Currently, however, organizations are failing to do the security basics properly. In particular, most organizations regularly practice only a few security controls, such as applying software patches and rotating user passwords. They rarely or never get rid of stale and unnecessary data or bother to classify the data they store; data that is never classified cannot be protected in proportion to its sensitivity, and data kept long past its usefulness only widens the impact of any breach. As a result, they leave their environment exposed to many security threats. Organizations also fail to control shadow IT: they still do not consider it important to review the software that employees use, so part of their attack surface remains unmanaged and invisible to them.
Despite this lack of insight into their data and applications, over 60% of organizations think that their level of visibility into user activity is high enough. Unfortunately, this is a false sense of security. Almost half of respondents (44%) either do not know or are unsure of what their employees are doing with sensitive data, which means that they have very little control over what is going on in their IT environment and will not detect unauthorized activity until it has already caused real damage.
We were pleasantly surprised to see that 70% of companies are already doing risk assessment. However, the majority of them do not do it regularly. As a result, they can easily overlook gaps in their security posture and fail to address new threats promptly as they emerge.
We were disappointed that only 17% of organizations have an actionable incident response plan. The rest either have only a draft of a plan, have a plan but do not communicate it well, or have no plan at all, which means that when a security incident occurs they cannot respond promptly and limit the damage.
In short, most organizations are failing to implement the fundamental security practices that mitigate IT risks: Know your environment and data like the back of your hand, actively monitor for suspicious user activity, conduct risk assessments regularly, and be prepared to recover from a breach at all times.