A shortage of skilled tech workers is causing businesses to grow concerned about exposure to cyber threats, according to a survey conducted by IT security firm TEKsystems.
Half of IT and businesses leaders indicated that the shortage of security experts is approaching a "state of critical mass," according to TEK. Less than 20 percent said they are a very confident with their in-house security policy and only 15 percent are very confident that their firms carry the necessary talent to "to meet evolving threat landscapes."
Threats to Cybersecurity
Changes in business tactics in recent years have included more mobile, cloud and wireless data access, . Such devices complicate data networks, which, traditionally, were far simpler and easy to manage. Sixty-percent of respondents in the TEKsystems survey said the growing scope and complexity of IT security make it difficult for the organization to effectively evaluate security programs. As a result, security holes could be tougher to identify, putting businesses at risk for unauthorized access to sensitive data.
Unaware Until It's Too Late
Despite the large number of companies that recognize their inability to keep their networks secure, many have a false sense of confidence. In particular, small businesses that may have been traditionally overlooked by hackers are becoming common targets.
"As enterprises have increased their security defenses, hackers have started to target their attacks downstream to small- and medium-sized businesses," said Bill Rielly, senior vice president of SMBs at McAffee.
Although 66 percent of SMBs expressed confidence in their networks, few- if any- protection measures were put in place, according to the survey by McAfee and Office Depot.
While many workers choose to conduct business on mobile networks through bring your own device work policies, only 9 percent of SMBs use endpoint or mobile device security. Forty-five percent do not secure company data on employees' personal phones. The study also showed 80 percent lack data protection and about 50 percent lack email and Internet security. Finally, 14 percent lack any data privacy and security measures at all.
"A business that doesn't have any security measures in place is putting their data and customers' trust in jeopardy," said Rielly.
What should these companies do to protect themselves from losing valuable information or accidentally downloading malware?
Companies should use devices fitted with digital certificates for authentication, . Access privilege should then correspond to specific roles, ensuring that employees are able to access data and programs if they are authorized. IT administrators can also monitor networks or install firewalls to enforce usage policies. This practice can also prevent employees from putting the network at risk accidentally, such as by visiting malicious networks, or from phishing attacks.