There is a growing awareness of cybersecurity within companies, but are these companies taking action to improve their security? As seen in a recent study, 750 IT security decision-makers worldwide were surveyed to see whether they are “learning and applying lessons from high-profile cyber-attacks”, and if it influences their security priorities and decisions.
The study examined the contradictory situation that is currently present in a number of global businesses. On a positive note, 79% of those surveyed said that they learned their lesson after seeing cyberattacks jeopardize the IT security in other companies, and 55% confirmed that they have changed the way they manage corporate accounts in order to adapt to the current cybersecurity climate and avoid unnecessary risks.
Nevertheless, the survey also exposes a very different reality. Far different from those who are complying with security procedures, 40% of the survey’s participants stated that they just use a Word document or worksheet to manage their company’s credentials and 28% stated that they use a shared server or a USB stick, for the same purpose. What is obvious is that IT security is absent in almost half of the 750 businesses in the survey.
Of course the previously mentioned storage methods are all susceptible of suffering a cyberattack, especially if they fall into the hands of someone with the right know-how, but they can also be leaked by the company’s own employees. A Word document makes private information accessible for any employee in the company.
To ensure that employees only use their own password, companies should use a password manager that will also protect their company’s devices. This will also help keep documents and devices, like a Word document or USB memory stick that stores passwords, safe from a cyberattack or infection.
In terms of cybersecurity, there is still a long way to go in the business environment. IT security should be a priority. Although, 95% of these organizations have a plan in place in case of IT emergencies, only 45% of them periodically check that they are functioning properly.
Despite their carelessness, 68 % of those surveyed claim that their greatest concern and challenge is the data theft of their customers (but this percentage does not correspond with the cybersecurity mechanisms implemented by IT security heads).