Complex IT security products putting companies at risk

Lieberman Software survey reveals that today’s complicated IT security solutions are not being properly deployed and, for most organizations, compliance trumps security.

  • 9 years ago Posted in

Companies are putting their customers’ data at risk because IT teams do not have the expertise or time to deploy today’s complicated IT security products, a new survey from Lieberman Software Corporation revealed.


The survey, which was carried out at RSA Conference 2015 and measured the attitudes of nearly 170 IT security professionals, revealed 69 percent of respondents do not feel they are using their IT security products to their full potential. As a result, a staggering 71 percent of IT professionals believe this is putting their company, and possibly customers, at risk.


When survey respondents were asked why they don’t use their IT security products to their full potential, 62 percent revealed they either found the products too complicated to deploy, too time consuming to deploy, or didn’t think they had the expertise to properly deploy them.


“As zero-day attacks and other cyber threats evolve at a steady pace, many organizations are searching for new IT security solutions to defend against the latest wave of attacks,” said Philip Lieberman, President of Lieberman Software. “Unfortunately, these organizations often discover too late that the products they purchase cannot scale to large enterprise environments, or be deployed quickly enough to provide real defense. That creates a significant security deficit that leaves organizations at risk, as the findings in this survey indicate. To be effective in today’s cyber warfare environment, a security solution must have enterprise scalability, be rapidly deployed without requiring expensive or time-consuming professional services, and operate automatically and continuously – without involving direct human interaction.”


Additionally, 61 percent of survey respondents admitted that their organization has deployed a security product purely to meet regulatory compliance regulations, rather than to increase security.


“Regulatory compliance requirements drive most implementations of IT security products. However, compliance does not equal security. Despite the regulatory initiatives that most organizations are subject to, data breaches are now happening more frequently and becoming increasingly severe. There’s more to achieving real IT security than completing an auditor survey and marking a few check boxes. True security requires continuous measurement and correction in the face of the unrelenting cyber threats that compliance mandates simply fail to anticipate,” continued Lieberman.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...