Orgs need to share info, crave more board oversight, study says
Organizations have made strides but need more nimble security models and greater board oversight, a study found.
Even as an information-sharing bill sits before Congress and amid warnings from both government and private sector groups that hackers have grown proficient by sharing threat information, only a little over a third of companies actually share data, a study released on Tuesday revealed.
The “Third Annual Information Security Survey,” conducted by Blue Lava Consulting and sponsored by vArmour, found that while 36 percent of respondents share information with industry groups, while 50 percent of respondents don't share any information.
The study also found that legacy security systems that guard the perimeter have lost their luster with the majority (75 percent) of information security professionals surveyed who are stepping away from traditional security approaches, and now will likely allocate their budget dollars on new vendors for “agile security solutions” to protect their data centers.
“Legacy Information Security systems are inadequate to protect organizations today since the perimeter is essentially gone,'” Demetrios Lazarikos, IT security researcher and strategist at Blue Lava, told SCMagazine.com in a Wednesday email correspondence.
"Data centers are a 'hot mess,'” he added, “since legacy systems have been cobbled together and in most cases are being protected by legacy security solutions that haven't changed in over a decade.”
Cloud technologies sit firmly on the horizon of the 300-plus IT security directors and executives queried for the study, though those “hot mess” data centers may stand in the way of a smooth transition to the cloud.
Pointing out that “organizations can't transform themselves fast enough as the business goes completely digital,” Lazarikos underscored that “all aspects of operating a data center today require organizations to be completely agile in today's digital world.”