It’s no secret that security fortification is top of mind for IT leaders these days. For modern-day businesses, cybersecurity has moved well beyond being considered just an IT issue to a broader boardroom issue. As a result, businesses are required to take a more holistic view of their security practices – from the technology they purchase, to the processes they use to implement and maintain it, to how they educate their employees to minimize their overall cybersecurity risk.
The unfortunate reality is no company is immune from cyberattacks. The quote from Robert Mueller, the former director of the FBI, becomes more prophetic with each passing day – “There are only two types of companies – those that have been hacked, and those that will be hacked.”
Fortunately, most IT pros recognize that security is never a “one and done” proposition – it’s always an ongoing process. As cyberthreats have evolved, the strategies to combat them must as well. Of course, that’s easier said than done. According to a new report from Spiceworks, entitled “The Future of Network and Endpoint Security,” there are a number of security vulnerabilities in today’s landscape that business leaders have been slow to adjust to, as well as a number of steps they could take but, so far, have been reluctant to. Here’s a rundown of four main areas where many companies today have noticeable weaknesses.
- Lack of preparation for today’s threats: Security threats aren’t limited to the traditional techniques of old – the threat landscape is rapidly evolving. Spiceworks found that 27% of companies are unprepared to deal with internal data leaks; other common issues included zero-day exploits (18%), attacks on IoT devices (17%), supply-chain attacks (15%), DDoS attacks (15%), and cryptojacking (15%).
- Old, outdated hardware and software: The older the infrastructure, the more vulnerable. For example, Spiceworks found that 32% of businesses still have at least one computer that’s running Windows XP.
- Limited use of encryption: Encryption is essential for any business in protecting their intellectual property. But there’s unfortunately a big encryption gap between theory and practice, per Spiceworks – 3 out of every 4 IT decision-makers believe it’s critical to encrypt data wherever it may be, and yet 17% of businesses still don’t employ any type of encryption. It’s time to close this gap.
- Shortage of dedicated security experts: It’s hard to focus on data security if you don’t have people on your team who have the expertise and are dedicated to the task full-time. Spiceworks found that only 47% of businesses have one or more cybersecurity experts on staff, and that figure is even lower for smaller organizations. Without the right people on the team, effectively securing the enterprise will always be an uphill battle.
So where’s the best place to start? A proactive approach to security often starts with a comprehensive assessment. That’s where Zones can help. We offer a complete portfolio of risk-focused and compliance-focused Security Assessments to help organizations identify risks and vulnerabilities, enabling them to protect their most important assets or achieve their compliance objectives.
At Zones, we believe that today’s organizations should put safety first, second, and third. We’ll help you protect your business from every angle – your endpoints, your data center, your networks, and of course the cloud.
Ready to learn more about what we can do in terms of Security Fortification? You’re in the right place – just click below.