Gemalto report surveyed worldwide IT decision-makers.
IT decision-makers lack faith in their organisation’s security, according to research from Gemalto.
The report showed that 87 percent of IT decision-makers believe that their organisation’s perimeter security systems are effective at keeping out unauthorised users. 64 percent are looking to further increase their investment in perimeter security in the next two months.
Despite this, the number of global data breaches is on the increase, according to Gemalto’s Breach Level Index. More than 1500 data breaches leading to one billion data records compromised in 2014. This represents a 49 percent increase in data breaches and a 78 percent increase in data records lost or stolen compared to 2013.
Even though investment and awareness is increasing, 33 percent believe unauthorised users can still access their networks, while 34 percent are not confident in the security of their organisation’s data if a breach occurs.
62 percent are no more confident year-on-year in the security industry’s ability to detect and defend against security threats.
Additionally, 71 percent have adjusted security strategies but still focus on perimeter security. 72 percent have upped their perimeter security investment in the last five years, but 30 percent admitted that their company has been breached in the last 12 months.
The costs were clear: 90 percent of organisations suffered negative commercial consequences, with 31 percent seeing product deployment delays. 30 percent saw decreased employee productivity, 28 percent saw decreased customer confidence and 24 percent saw negative press.
"With the number of sophisticated breaches on the rise, relying on perimeter security systems alone is no longer enough," said Tsion Gonen, Vice President of Strategy for Identity and Data Protection at Gemalto."Traditional security staples such as firewalls and anti-virus should be part of a much greater security strategy.
"IT decision-makers need to take into account that if someone is motivated enough they will breach a network, no matter how well it is protected.
"Organisations still place too much emphasis on perimeter security, even though it has proven to be ineffective", added Gonen. "Decision-makers should place greater importance on customer data, and look to adopt a ‘secure the breach’ approach that focuses on securing the data after intruders penetrate the perimeter defenses.
"This means they need to attach security directly to the data itself using multi-factor authentication and data encryption, as well as securely managing encryption keys. That way, if the data is stolen, it is useless to the thief."
The study queried over 1,000 security and IT executives in the US, UK, Europe, Middle East and Asia-Pacific.