New research claims the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorised users out of their networks.
“Perimeter security is the focus, but an understanding of technology and data security is lacking,” says Gemalto, who opined in a release that many businesses are continuing to prioritise perimeter security without realising it is largely ineffective against sophisticated cyber-attacks.
According to the findings of Gemalto's fourth-annual Data Security Confidence Index released today, companies are under-investing in technology that adequately protects their business.
Surveying 1,050 IT decision makers worldwide, Gemalto's research says businesses feel that perimeter security is keeping them safe, with most (94 percent) believing that it is quite effective at keeping unauthorised users out of their network.
However, 65 percent are not extremely confident their data would be protected, should their perimeter be breached, a slight decrease on last year (69 percent). Despite this, nearly six in 10 (59 percent) organisations report that they believe all their sensitive data is secure.
According to the research findings, 76 percent said their organisation had increased investment in perimeter security technologies such as firewalls, IDPS, antivirus, content filtering and anomaly detection to protect against external attackers. Despite this investment, two-thirds (68 percent) believe that unauthorised users could access their network, rendering their perimeter security ineffective.
These findings suggest a lack of confidence in the solutions used, especially when over a quarter (28 percent) of organisations have suffered perimeter security breaches in the past 12 months. The reality of the situation worsens when considering that, on average, only 8 percent of data breached was encrypted.
Businesses' confidence is further undermined by over half of respondents (55 percent) not knowing where their sensitive data is stored. In addition, over a third of businesses do not encrypt valuable information such as payment (32 percent) or customer (35 percent) data. This means that, should the data be stolen, a hacker would have full access to this information, and can use it for crimes including identity theft, financial fraud or ransomware.
“It is clear that there is a divide between organisations' perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, vice president and chief technology officer for Data Protection at Gemalto.
“By believing that their data is already secure, businesses are failing to prioritise the measures necessary to protect their data. Businesses need to be aware that hackers are after a company's most valuable asset – data. It's important to focus on protecting this resource, otherwise, reality will inevitably bite those that fail to do so.”