Research snapshot - A corporate view of IT Security Threats
1. Vanson Bourne, Summer 2013
Interviews with 100 IT decision-makers from organisations with more than
1,000 employees, across a range of commercial sectors in the UK
Research snapshot –
A corporate view of
IT Security Threats
2. Delivering IT security is becoming more complicated…
Source: Vanson BourneOrganisations who feel that delivering IT security is a more complicated task than previously
Seven in ten organisations
acknowledge that delivering
IT security is more
complicated than before
Organisations who have increased
their spend on IT security are twice
as likely to find delivering IT security
more complicated than
previously, when compared with
organisations who have not increased
their spend
82% 41%
Increased spend on IT
security
Not increased spend on
IT security
Security protocols
and security
providers/partners
Neither
70%
46%
Organisations who do not have a
formal process for reviewing their
security protocols and security
providers/partners are less likely to
be aware of the challenges of
delivering IT security, compared to
organisations who do have formal
process in place
3. Source: Vanson BourneOrganisations who do not feel they are 100% protected against security threats
…With many organisations exposed to security threats
On average eight in ten
organisations do not feel that
they are 100% protected
against security threats
Enterprise organisations are most
likely to feel that they are not
completely protected against security
threats, with nine in ten reporting
as such
Medium-sized
organisations
Enterprise
organisations
90% 72%
RD&T
64% 88%
Although finance organisations are the most likely to
be confident that they are protected against all
security threats, almost two thirds of organisations in
this sector are still not protected
Services
& Utilities
84%
Finance Manufacturing
88%
4. Malware as a threat to IT security
Source: Vanson BourneOrganisations perceived threats to IT security (malware)
Eight in ten organisations feel
that malware provides a threat
to IT security…
… Yet only one in ten are
entirely confident that their
organisation is protected from
malware issues
Organisations who have increased their
spend on IT security are almost three
times more likely to feel completely
protected against malware, compared to
organisations who have not increased their
spending
19% 7%
Increased spend on IT
security
Not increased spend on
IT security
Finance
20%8%
Finance organisations are half as likely to be
entirely protected against malware issues
than organisation in the services and utilities
sector
Services
& Utilities
5. The use of personal cloud
storage presents IT security
threats to seven in ten
organisations
Source: Vanson BourneOrganisations perceived threats to IT security (personal cloud storage)
Less than one in ten enterprise
organisations are entirely confident
that they have the necessary control
and protection in place to completely
remove any threats from personal
cloud storage
RD&TManufacturingMedium-sized
organisations
Services
& Utilities
Enterprise
organisations Finance
8% 12%
76% 68% 68% 68%
More than three quarters of organisations in the
finance sector feel that the use of personal cloud
storage presents IT security threats
Personal cloud storage as a threat to IT security
6. Source: Vanson BourneOrganisations knowledge of previous cyber threats and attacks they have faced
But are organisations aware of cyber threats and attacks?
Three quarters of
organisations agree that they
cannot be 100% certain they
know of every cyber threat or
attack they have faced
75%
Organisations who spend less than 5% of their IT
budget on security are most likely to feel that they
cannot be 100% certain they know of all cyber
threats and attacks they have faced
83%
Spend less than 5% of
IT budget on security
73%
Spend 5% - 10% of IT
budget on security
69%
Spend more than 10%
of IT budget on security Enterprise
organisations RD&T
84%
84%
More than eight in ten enterprise size
organisations and organisations in the
retail, distribution and transport sector
are not certain they know of all cyber
threats and attacks they faced