Welcome!

News Feed Item

IT Security Professionals Say That the Overwhelming Majority of Security Risks Are the Result of Human Error or Attack, While Only Half of Their Budgets Are Spent to Defend Against Them

BalaBit eCSI Report Survey Conducted at RSA Conference 2014 Underlines That It Is Time to Allocate IT Security Budgeting According to Real, Human Threats

NEW YORK, NY -- (Marketwired) -- 03/25/14 -- BalaBit IT Security (www.balabit.com), a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies today announced its latest eCSI Report survey results.

Conducted among nearly 300 attendees at the recent RSA Conference in San Francisco, the survey results show that 84 percent of IT security related losses can be attributed to human elements (such as human error, sophisticated internal or external attackers) with the remaining 16 percent related to infrastructure issues (system malfunction, automated attack). The survey noted that, when it comes to budgeting, the ratio is balanced: only 55 percent of budgets are spent for managing human risk and 45 percent for infrastructure risk.

Companies still concentrate their IT security resources on infrastructure security and external risk factors. Respondents ranked the main risk factors according to their share of IT budgets in the following order:

  • 30 percent prioritized external attackers above all other risks
  • 28 percent said system malfunctions are most important
  • 17 percent said automatic attacks
  • Protection against human errors and internal attackers were a top budget priority for only a small minority of respondents (13 percent and 12 percent, respectively)

But, when IT security threats were ranked in order of potential costs, results show a very different picture:

  • 51 percent of those surveyed said that human errors cause the greatest financial loss
  • 18 percent for external attackers
  • 15 percent for internal attackers
  • 9 percent for system malfunctions
  • 7 percent for automated attacks

"The biggest difference that our survey revealed is that IT professionals clearly see that human errors cause 51 percent of their losses. But when they are planning their budget, only 13 percent of them put preventing human errors at the top of the list and even 40 percent of respondents ranked human errors as least important. If companies are aiming to spend their IT security budget responsibly, it's high time to do away with this commonly held fallacy," said Zoltán Györkő, CEO of BalaBit IT Security.

IT security experts not only need to build and maintain secure IT systems, but also need to ensure business continuity and support users do their job. RSA Conference attendees were asked to estimate how much the level of their IT security at their company is reduced by satisfying the needs of special users. 83 percent of respondents said that their security level is reduced (heavily 19 percent, notably 32 percent and moderately 32 percent), to accommodate special users.

"Access controls can be self-defeating. Because of their inflexibility, they are often not able to prevent breaches but restrict people from doing their jobs efficiently. Advanced monitoring can be effective tool against IT security risks related to human elements, regardless whether the source is external or internal. Human risks can be highly decreased by detecting and blocking suspicious user activities. Real time alerting and monitoring is inevitable for privileged accounts, which have rights to access, modify or delete sensitive company information, no wonder their credentials are the primary target for hackers. A higher rate of detection -- even during preparation -- is more deterrent than passive control and more business-friendly at the same time," Györkő added.

An infographic is available at http://bit.ly/1gDmsDz

BalaBit revealed the survey results at the recent Gartner Identity and Access Management Summit held in London.

About BalaBit

BalaBit IT Security is an innovative information security company, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies to help protect customers against internal and external threats and meet security and compliance regulations. As an active member of the open source community, we provide solutions to a uniquely wide range of both open source and proprietary platforms, even for the most complex and heterogeneous IT systems across physical, virtual and cloud environments.

BalaBit is also known as "the syslog-ng company", based on the company's flagship product, the open source log server application, which is used by more than 1 million installations worldwide and became the globally acknowledged de-facto industry standard.

BalaBit, a fastest growing IT security software developer company based on Deloitte Technology Fast 50 CE Lists, where BalaBit has been included four times in the fast five years. The company has local offices in France, Germany, Russia, and in the USA, and cooperates with partners worldwide. Our R&D and global support centers are located in Hungary, Europe.

For more information, visit www.balabit.com.

Media Contact:
Dan Chmielewski
Madison Alexander PR
Office +1 714-832-8716
Mobile: +1 949-231-2965
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today the Docker Meets Kubernetes – Intro into the Kubernetes World, being held June 9, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Register for 'Docker Meets Kubernetes Workshop' Here! This workshop led by Sebastian Scheele, co-founder of Loodse, introduces participants to Kubernetes (container orchestration). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, participants learn ...
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
SYS-CON Events announced today the How to Create Angular 2 Clients for the Cloud Workshop, being held June 7, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Angular 2 is a complete re-write of the popular framework AngularJS. Programming in Angular 2 is greatly simplified. Now it’s a component-based well-performing framework. The immersive one-day workshop led by Yakov Fain, a Java Champion and a co-founder of the IT consultancy Farata Systems and...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and ...
In his session at 18th Cloud Expo, Andrew Cole, Director of Solutions Engineering at Peak 10, will discuss how the newest technology advances are reducing the cost and complexity of traditional business continuity and disaster recovery solutions. Attendees will: Learn why having a full disaster recovery strategy is more important now than ever before Explore the key drivers of a successful disaster recovery solution Achieve measurable operational and business value from a disaster recovery ...
How will your company move to the cloud while ensuring a solid security posture? Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a variety of industries. To defend against exploits like these, a company must adopt a comprehensive security defense strategy that is ...
SYS-CON Events announced today that Hanu Software will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Leveraging best-in-class people, processes, and technologies, Hanu provides high-quality, high-value software development and business process outsourcing services to independent software vendors (ISVs) and enterprises.
What a difference a year makes. Organizations aren’t just talking about IoT possibilities, it is now baked into their core business strategy. With IoT, billions of devices generating data from different companies on different networks around the globe need to interact. From efficiency to better customer insights to completely new business models, IoT will turn traditional business models upside down. In the new customer-centric age, the key to success is delivering critical services and apps wit...
Join us at Cloud Expo | @ThingsExpo 2016 – June 7-9 at the Javits Center in New York City and November 1-3 at the Santa Clara Convention Center in Santa Clara, CA – and deliver your unique message in a way that is striking and unforgettable by taking advantage of SYS-CON's unmatched high-impact, result-driven event / media packages.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
The initial debate is over: Any enterprise with a serious commitment to IT is migrating to the cloud. But things are not so simple. There is a complex mix of on-premises, colocated, and public-cloud deployments. In this power panel at 18th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists will look at the present state of cloud from the C-level view, and how great companies and rock star executives can use cloud computing to meet their most ambitious and disruptive business ...
SYS-CON Events announced today that MobiDev will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobile software company with over 200 develope...
SYS-CON Events announced today that BMC Software has been named "Siver Sponsor" of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2015 at the Javits Center in New York, New York. BMC is a global leader in innovative software solutions that help businesses transform into digital enterprises for the ultimate competitive advantage. BMC Digital Enterprise Management is a set of innovative IT solutions designed to make digital business fast, seamless, and optimized from mainframe to mo...
As cloud and storage projections continue to rise, the number of organizations moving to the cloud is escalating and it is clear cloud storage is here to stay. However, is it secure? Data is the lifeblood for government entities, countries, cloud service providers and enterprises alike and losing or exposing that data can have disastrous results. There are new concepts for data storage on the horizon that will deliver secure solutions for storing and moving sensitive data around the world. ...