December 15, 2016 -
Versasec has published a new study that reveals that IT executives in small- and medium-sized companies as well as larger enterprises believe that mobile, bring-your-own-devices, and cloud usage pose the biggest security challenges as they head into 2017.
In the report, nearly 70% of respondents said their companies will spend at least 10% of their IT budgets on security in 2017.
In fact, 15% of respondents said their budgets for IT security will account for more than 50% of their overall budget — up from approximately 40% of respondents who said earlier this year that their IT security spending will fall between 0% and 9% of their budgets.
While public perception of IT security threats typically centers around external hackers and slightly more than half of the respondents stating that external threats are a huge concern for them, roughly 44% of respondents admitted they are more concerned about internal threats than external ones.
Versasec conducted its follow-up survey in the late fall of 2016. Nearly 80% of the respondents — whom represented a range of industries based in North America, Europe/Middle East/Africa, and the Asia Pacific zone — work for companies with fewer than 1,000 employees.
“While larger enterprises are having greater success in combating IT security threats, their progress has emboldened many hackers to set their sights on SMEs,” said Joakim Thorén, CEO of Versasec. “Now, the SMEs are deploying in greater numbers solutions such as smart cards, public key infrastructure, and biometrics so their data is not as vulnerable.”
The study showed that 49% of respondents said they plan to deploy smart cards in 2017. Respondents said they will also continue introducing user/password solutions (44%), biometrics (24%), OTP or one-time passwords (24%), and PKI (23%).
The study also highlighted several other key findings, including 60% of respondents stating that network security remains a critical issue in 2016, with 16% saying that multifactor ID has been on the rise. Other security solutions they currently rely on include cybersecurity (13%) and physical security (11%).
As we head into 2017, nearly all forms of security will see an increase. Network security and cybersecurity solutions will be implemented by the majority of respondents(58% and 50%, respectively), followed by multifactor ID (28%) and physical security (26%).
Respondents said they would specifically focus their security efforts on network security (56 percent), strong authentication and identity and access management (IAM), (42% for each), encryption (37%), endpoint security (35%), and physical security (24%).
While IT security personnel are most concerned about mobility, BYOD, and cloud usage as they head into 2017 (55%, 48% and 49%, respectively), they also have concerns around big data (23%) and the Internet of Things (18%).
Those concerns have grown since the earlier Versasec survey; at that time, mobility was cited by 43% of respondents, BYOD at 22%, and cloud at 32%.
As revealed in the earlier Versasec survey, there continues to be a huge reliance on simple security, with 84% of respondents stating that username and password are a primary method for authenticating access to their company’s data, despite the very public breaches faced by many companies over the last few years.
Physical smart cards are in use at 56% of the companies, while others rely on PKI (36%), OTP (24%) and biometrics (17%).
“Smart cards are simply the most cost effective way for securing a company’s IT domain today,” Thorén said. “They are easy to manage and make it possible to protect data from human error – whether benign or malicious – where breaches are most often made.”