A Forrester Research survey commissioned by IBM has found that nearly 70% of end users neglect IT security because other responsibilities keep them too busy.
Analysts polled 2,400 enterprise executives and IT decision-makers in both North America and Europe to come up with the findings, which may make interesting reading for security-as-a-service resellers.
The survey also found that 75% struggled to help their businesses make the right internal priority choices, while 53% admitted they were coming up short because new resources – including human ones – were too hard to find.
Others complained that they lacked the understanding to implement security incident and event management (SIEM) technology, or that their infrastructure was not good enough.
IBM Security Services general manager Kris Lovejoy conceded there was no question that protecting business from security threats was becoming increasingly complex – largely thanks to the pressures of cloud, big data, mobility and the like – and called for new approaches to managing security.
Lovejoy called for businesses to adopt a list of security best practices, including tapping into historical data and using the documented experience of others in mitigating the impact of some threats to justify increased security spend to senior management.
She also recommended the appointment of C-level security executives with enterprise-wide authority.
“With a skilled trusted advisor who can help map out an appropriate security strategy based on experience, industry knowledge, and other tools such as analytics, companies can stay ahead of increasingly sophisticated threats and manage their risk-aware culture,” she said.
Forrester’s report also called for end users to consider how they went about selecting their service provider partners, saying the relationship must not be “considered as a mere fling.”
“Although a perceived benefit of a managed service is the ability to withdraw at any time ... the steps to achieve a suitable solution are not inconsiderable, and this isn’t something you should be looking to repeat,” it said.
In selecting the right service provider, advised Forrester, end users should be looking out for firms associated with quality and innovation, with established reputations, and not necessarily those competing on cost.