Netwrix Survey Reveals Only 17% of Organizations are Well Prepared to Beat Cyber Risks
May 2016 by Netwrix
Netwrix Corporation, a provider of IT auditing software that delivers complete visibility into IT infrastructure changes and data access, today announced the results of its global 2016 IT Risks Report. The survey aimed to identify the most common cyber risks caused by IT changes and to estimate how well companies are prepared to deal with these risks.
The 2016 IT Risks Report was conducted by Netwrix in January 2016. Researchers analyzed the responses of 826 IT professionals who represented more than 40 industries and organizations of different sizes located worldwide.
The survey’s key findings are:
• Only less than one-fifth of organizations (17%) are confident about their ability to beat cyber risks.
• Nearly 78% of respondents consider visibility into IT infrastructure an absolutely critical part of their security strategy.
• More than one-half of respondents (58%) claim that the IT change controls or their absence are adequate to their business specifics and organization type.
• At the same time, a majority of respondents have faced various cyber risks over the last year due to lack of visibility into changes. Two-thirds of organizations (67%) admit they had security incidents, 53% of respondents experienced system downtime, and 45% had compliance issues.
• Organizations want deeper visibility into IT infrastructures to better prevent, detect, and respond to cyber risks. Therefore, more companies switched to automated methods of IT auditing, preferring to use third-party solutions (39% in 2016, compared to 29% in 2015). Overall, IT auditing is becoming a widely established practice, with 63% of organizations having IT auditing processes in place in 2016 vs. 52% in 2015.
“The survey discovered an inconsistency between the initial assessment of maturity and the adequacy of IT change controls deployed by organizations and their actual ability to deal with cyber risks,” said Michael Fimin, CEO and co-founder of Netwrix. “Ensuring security today can be a challenge even for experienced professionals. Due to this pressing need for stronger protection, more organizations establish IT auditing processes and automate related tasks to achieve deeper visibility into critical systems and data. Continuous control over the IT environment will enable organizations to stay on top of what is going on across the entire IT infrastructure and mitigate the impact of unwanted or unauthorized activity to timely address security issues before they inflict significant damage.”
“Effective risk and security management requires an integrated approach in which risk and security are made part of the core fabric of business processes and become key components of the organizational culture,” stated the February 2016 Managing Risk and Security at the Speed of Digital Business Report by Gartner. “This requires infusing the key components of risk and security management (i.e., policies, processes, behavior and technology) across all the dimensions of IT — business processes, applications, technology infrastructure and, most importantly, people.”