New Security Survey Finds Differing Confidence Levels Surrounding Basic Controls

New Security Survey Finds Differing Confidence Levels Surrounding Basic Controls

By Laura Stotler

The vast majority of IT professionals and executives are confident in their organization’s implementation of basic foundational security controls, according to a new survey. But in a more disturbing finding, less than half of those queried are confident in the secure configuration of common devices connected to their network, even though targeted cyber attacks are on the rise.

The survey was conducted by Atomik Research in conjunction with Tripwire, a provider of advanced threat, security and compliance solutions. Findings centered on the confidence levels of those queried related to the security of their own networks and associated devices. And despite more than 100 million records being compromised in retail data breaches over the past year, 77 percent of retail IT workers were confident all the devices on their networks were running only authorized software.

A whopping 89 percent of executives in the energy industry were fairly confident or very confident in their vulnerability management programs, even though warnings have been issued concerning a sophisticated malware campaign targeting incident command systems (ICS).

"It's not surprising that IT and security professionals have confidence in foundational security controls,” said Jane Holl Lute, president and CEO of the Council on CyberSecurity. “The controls are instrumental in defending against common cyber attacks and lay the foundation for effective defense against more sophisticated intrusions. But to be effective they must be implemented consistently across the entire enterprise."

However, when it comes to secure configuration of routers, firewalls and modems connected to their networks, only 47 percent of IT professionals said they were confident with their setups. And only 10 percent of security professionals were very confident in their patch management programs, which is a bit worrying considering how important they are to fundamental security controls.

"This survey clearly shows the disconnect between the executive branch and the IT branch and the false sense of security within a typical organization,” said Amar Singh, chair of ISACA UK SAG and founder of the Cyber Management Alliance. “This, in my opinion, false level of confidence may stem from several factors including the false belief that if no breach has been discovered 'we must be secure'."




Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Contributing Editor

SHARE THIS ARTICLE
Related Articles

Foxit Brings AI to Document Analysis with New Research Agent

By: Erik Linask    7/3/2025

PDF and eSignature solutions provider unveils an intelligent tool designed to transform how users extract actionable insights from dense, complex docu…

Read More

OpenMSP Brings New Profitability to MSPs Driving an Open Source Revolution

By: Erik Linask    7/3/2025

OpenMSP, a community-driven platform seeks to liberate MSPs from unsustainable software licensing costs by leveraging open-source alternatives and AI-…

Read More

TD SYNNEX's Apptium Acquisition a Win for MSPs.

By: Erik Linask    7/3/2025

TD SYNNEX's acquisition of Apptium will simplify complexities of the XaaS, economy, offering MSPs new agility, accelerated time to revenue, and stream…

Read More

Real Estate Forecast 2025: Emerging Developments and Market Shifts

By: Contributing Writer    7/1/2025

Buying or selling property can be challenging. Rising mortgage rates and fluctuating home prices leave many uncertain about their next move. Business …

Read More

Protecting Business Assets with Smarter Security Frameworks

By: Contributing Writer    7/1/2025

Protecting your business is more challenging than ever. Cyber threats are increasing every day. Hackers target small and large businesses alike, searc…

Read More