46% IT security professionals don’t change security strategy even after cyber attack

This level of cyber security inertia and failure to learn from past incidents puts sensitive data, infrastructure, and assets at risk

New Delhi: Nearly half of the IT security professionals, 46 percent, failed to change their security strategy substantially even after experiencing a cyber attack, according to the information by the security firm, CyberArk.

This level of cybersecurity inertia and failure to learn from past incidents puts sensitive data, infrastructure, and assets at risk, CyberArk’s “Global Advanced Threat Landscape Report” 2018, said this week.

46 percent respondents said their organisation can’t prevent attackers from breaking into internal networks each time it is attempted while 36 percent reported that administrative credentials were stored in Word or Excel documents on company PCs.

Meanwhile, 50 percent admitted that their customers` privacy or personally identifiable information (PII) could be at risk because their data is not secured beyond the legally-required basics.

89 percent professionals stated that IT infrastructure and critical data are not fully protected unless privileged accounts, credentials, and secrets are secured.

The respondents also indicated that the proportion of users who have local administrative privileges on their endpoint devices increased from 62 percent (in 2016 survey) to 87 percent in 2018, which is a 25 percent jump and indicative of employee demands for flexibility trumping security best practices.

Leave a Comment

Your email address will not be published. Required fields are marked *