IT Shows Serious Security Overconfidence, CompTIA Finds

A survey by CompTIA (News - Alert) finds that IT shops think they have the security problem pretty much licked. But in reality, new threats and new technologies IT must defend have these shops very much at risk.

CompTIA is all about partners, in particular helping VARs, MSPs and the like in several main ways. CompTIA advocates for the IT channel industry, connects partners with other partners, provides business tools and other resources, does philanthropy, and offers certification and training. As a result, it has access to partners and their IT customers. Research is part of the mission.

In its Information Security Trends report, 82 percent of shops think the security they put in place as either fully or mostly satisfactory. That doesn’t jive with what these same shops have done lately. Despite massive changes in technology and how it’s used (BYOD anyone?), only 13 percent of those surveyed have fundamentally changed how they protect their networks.

According to Forrester (News - Alert), some 37 percent of U.S. information workers in the U.S. already use their own devices – without corporate permission. The research house says that by 2016, 200 million people will bring their own devices to their companies.

“The use of new technologies necessitates a change in security approach,” said Seth Robinson, director, technology analysis, CompTIA. “It’s clear why companies view security as a top priority; but what’s less clear is whether they are fully aware of which actions to take to build an appropriate security posture for a new era of IT.”

Security is an ongoing process as new threats emerge by the minute and grow stronger by the day. “Many organizations may be assuming a satisfactory level of security without truly performing the due diligence to understand their exposure and build an appropriate security posture for a new era of IT,” Robinson argued. “To truly ‘move the needle’ on security readiness, the overall approach must be re-evaluated from the top level of the business down through all departments.”

The Managed Security Answer

One answer to the concerns the CompTIA research raises is managed security, and IT seems to agree. Infonetics Research (News - Alert) says the managed security market will exceed $9 billion by 2017, this according to the ‘Cloud and CPE Managed Security Services’ report.

The definition of security has changed with the advent of the cloud and managed services. Here Infonetics looks at both cloud and customer premises equipment (CPE) focused security services. This market is poised to grow over the next five years a rather stunning 45 percent. Driving this growth, among other factors, are BYOD, an increasing disperse workforce, and the fact that security threats aren’t just growing, but becoming more complex and varied. Infonetics numbers, though, are kind of a best case scenario as there are several areas of caution.