Welcome!

News Feed Item

Dell Global Security Survey: Organizations Overlook Powerful New Unknown Threats, Despite Significant Costs

A new generation of unknown security threats stemming from megatrends and technologies like BYOD, mobility, cloud computing, and Internet usage, as well as internal actions both accidental and malicious, introduce organizations to a multitude of new risks. According to a Dell global security survey released today, however, the majority of IT leaders around the world say they don’t view these threats as top security concerns and are not prioritizing how to find and address them across the many points of origin. In fact, when respondents were asked to look at long term priorities, only 37 percent ranked unknown threats as a top security concern in the next five years.

Epidemic threats come from all perimeters, both inside and outside of the organization, and are often hidden in poorly configured settings or permissions, and ineffective data governance, access management and usage policies. Dell’s global security survey of leading public and private sector security decision-makers gauged their awareness of, and preparedness for this new wave of threats plaguing IT security.

Some key findings include:

  • 64 percent of respondents agree that organizations will need to restructure/reorganize their IT processes, and be more collaborative with other departments to stay ahead of the next security threat. Of those surveyed in the United States, 85 percent said this approach is needed, contrasting with the U.K. (43 percent) and Canada (45 percent), which were the least convinced this would be necessary
  • Nearly 90 percent of respondents believe government should be involved in determining organizations’ cyber defense strategies, and 78 percent in the Unites States think the federal government plays a positive role in protecting organizations against both internal and external threats, which underscores the need for strong leadership and guidance from public sector organizations in helping secure the private sector

Unknown Threats Come From Every Perimeter, Both Inside and Outside of the Organization

The dramatic spike in social engineering, malicious and/or accidental internal attacks, as well as sophisticated, advanced persistent threats means the organization is vulnerable from all directions. All stakeholders must immediately take action to strengthen access to points inside and outside the perimeter, and help users prevent such attacks.

  • 67 percent of survey respondents say they have increased funds spent on education and training of employees in the past 12 months; 50 percent believe security training for both new and current employees is a priority
  • 54 percent have increased spending in monitoring services over the past year; this number rises to 72 percent in the United States

Among the IT decision-makers surveyed, BYOD, cloud and the Internet were the top areas of concern for security threats.

  • BYOD ─ A sizable number of respondents highlighted mobility as the root cause of a breach, with increased mobility and user choice flooding networks with access devices that provide many paths for exposing data and applications to risk.
    • 93 percent of organizations surveyed allow personal devices for work. 31 percent of end users access the network on personal devices (37 percent in the United States)
    • 44 percent of respondents said instituting policies for BYOD security is of high importance in preventing security breaches
    • 57 percent ranked increased use of mobile devices as a top security concern in the next five years (71 percent in the U.K.)
    • 24 percent said misuse of mobile devices/operating system vulnerabilities is the root cause of security breaches
  • Cloud ─ Many organizations today use cloud computing, potentially introducing unknown security threats that lead to targeted attacks on organizational data and applications. Survey findings prove these stealthy threats come with high risk.
    • 73 percent of respondents report their organizations currently use cloud (90 percent in the United States)
    • Nearly half (49 percent) ranked increased use of cloud as a top security concern in the next five years, suggesting unease for the future as only 22 percent said moving data to the cloud was a top security concern today
    • In organizations where security is a top priority for next year, 86 percent are using cloud
    • 21 percent said cloud apps or service usage are the root cause of their security breaches
  • Internet ─ The significance of the unknown threats that result from heavy use of Internet communication and distributed networks is evidenced by the 63 percent of respondents who ranked increased reliance upon internet and browser-based applications as a top concern in the next five years.
    • More than one-fifth of respondents consider infection from untrusted remote access (public wifi) among the top three security concerns for their organization
    • 47 percent identified malware, viruses and intrusions often available through web apps, OS patching issues, and other application-related vulnerabilities as the root causes of breaches
    • 70 percent are currently using email security to prevent outsider attacks from accessing the network via their email channel

Combat Known and Unknown Threats

The survey revealed that 76 percent of IT leaders surveyed (93 percent in the United States) agree that to combat today’s threats, an organization must protect itself both inside and outside of its perimeters. This requires not only a comprehensive set of solutions that protects from the inside out and the outside in ─ from the endpoint, to the data center to the cloud ─ but one that also connects these capabilities to provide deeper insights and stronger predictive analytics so that strategic action can be taken quickly.

Supporting Quotes:

Stacy Duncan, vice president, IT, DavCo

“All threats expose an organization to significant risk, but unknown threats, particularly, are silent predators that can have profound and catastrophic implications on performance and continuity. At the same time, compliance demands are ever-growing in complexity. We took proactive steps to guard ourselves both from inside and outside of our perimeters. As a retailer, we take all possible measures to protect our customers, while ensuring PCI compliance for our stores. We have deeper insights and network visibility that all keep our data safe and help us stay compliant because Dell’s Connected Security portfolio weaves security tightly into all areas in and around our network.”

Will Markham, security practice lead, Colt Enterprise Services

“In today's increasingly complex threat landscape, one of the most common threats comes from employees who download and install unauthorized software, without understanding the potential risks associated with their actions. Unfortunately, organizations are not always able to identify new vulnerabilities quickly enough. This is compounded by the anytime, anyplace, anywhere nature of accessing business data ─ everywhere from inside the network to application layers and mobile devices. As an international IT services company, protecting our customers’ information is critical, and we are constantly working to ensure that all measures are in place to ensure their data is secure at all times.”

Mary Hobson, Director, eResearch South Australia

"Although cloud presents massive opportunities for corporate IT in terms of cost savings, security issues are rising to the forefront. Hosting software in the cloud presents security issues that have to be tackled in a thoughtful and connected way, versus in silos or traditional perimeter defenses. In protecting our cloud and making it the best possible platform for our researchers, our strategy includes a sharper focus on security threats that originate both from the application layer and from internal users who may threaten our network either intentionally or by accident. Our researchers are now able to access secure data 40 times faster because of our highly scalable, easily manageable cloud platform enabled by Dell.”

Ash Motiwala, chief technology officer, Identropy

“External hackers have been the focus of news reports recently, and the threats they pose get lots of attention. Just as lethal to a company’s data, however, are the unknown threats that can emerge from within the organization. At Identropy, we know that an identity and access management strategy that safeguards the network with strong tools for provisioning, privileged account management, and managing and governing access is the key to diminishing unknown internal threats, and our customers count on us to ensure their identity and access management initiatives are successful. As a visionary, Dell understands the security landscape, which is why Dell solutions can be counted on to protect the network from both outside and inside the perimeter.”

Matt Medeiros, vice president and general manager, Dell Security Products, Dell Software Group

“Traditional security solutions can defend against malware and known vulnerabilities, but are generally ineffective in this new era of stealthy, unknown threats from both outside and inside the organization. These threats evade detection, bypass security controls, and wreak havoc on an organization’s network, applications, and data, but despite these dangers, our study found, among those surveyed, organizations are just not prepared. There is still a disturbing lack of understanding and awareness of the type of impact and detriment caused by the unknown threats that can come from both sides of an organization’s data flow. As a result, we believe a new security approach is needed ─ one that’s embedded in the fabric of software, governing access to every application and protecting every device, both inside and outside a corporate network. Only then, with this Connected Security approach, will organizations have a chance at keeping one step ahead of these epidemic threats that can significantly damage their network.”

About the Survey

Dell Software commissioned Vanson Bourne to survey 1,440 IT decision makers in organizations with 500+ employees or end users. The survey took place from October-November 2013 across the U.S. (300), Canada (60), U.K. (200), France (200), Germany (200), Italy (60), Spain (60), India (200), Australia (60), and Beijing (100). Both the private and public sectors were interviewed with specific focuses on: retail, consumer products, manufacturing, higher education, education (excluding higher), government/public services, healthcare (private and public), financial services, and other commercial sectors.

1 2008 US Census Bureau reported 20,475 firms in US with equivalent demographics to the study (500+ employees). The study showed that 87% of surveyed US organizations have suffered a security breach in the last twelve months. Taking 87% of the US firms mentioned above (17813) and multiplying this figure by the average cost of security breaches reported by US respondents in the survey ($1.45M).

Supporting Resources:

Delivering Complete and Connected Security

Dell Connected Security gives organizations the power to solve their biggest security and compliance challenges today, while helping them better prepare for tomorrow. From the device to the data center to the cloud, Dell helps mitigate risks to enable the business.

About Dell

Dell Inc. listens to customers and delivers innovative technology and services that give them the power to do more. For more information, visit www.dell.com.

Dell is a trademark of Dell Inc. Dell disclaims any proprietary interest in the marks and names of others.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment? In his session at @DevOpsSummit at 21st Cloud Expo, Chris Van Tuin, Chief Technologist, NA West at Red Hat, will discuss: The top security r...
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 21st Cloud Expo, Lennart Frantzell, a Developer Advocate with IBM, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing devel...
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
There is huge complexity in implementing a successful digital business that requires efficient on-premise and cloud back-end infrastructure, IT and Internet of Things (IoT) data, analytics, Machine Learning, Artificial Intelligence (AI) and Digital Applications. In the data center alone, there are physical and virtual infrastructures, multiple operating systems, multiple applications and new and emerging business and technological paradigms such as cloud computing and XaaS. And then there are pe...
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...