Businesses Don't Adequately Monitor Network Risks: Report
Survey finds that although businesses' primary concern is reducing security risks, they do not have adequate risk-reporting tools in place.
July 14, 2005
Security company nCircle announced the results of an industry trend survey showing that although businesses' primary concern is reducing security risks, they do not have adequate risk-reporting tools in place, and are not able to measure their level of risk.
In a poll of 1,700 CIOs, CSOs and Security Directors, nCircle found that:
60 per cent were unsure if their network security risk was increasing or decreasing over time.
58 per cent were unable to generate reports about applications or vulnerabilities on their network by region, business unit or business owner.
52 per cent had no way to verify that they were compliant with their own internal security procedures.
According to a statement by nCircle's vice president of marketing, Elizabeth Ireland, "These results highlight the need for a significant number of enterprises to implement solutions and processes that will enable them to more effectively measure, manage and ultimately reduce their risk."
The survey also found that management of regulatory compliance was also a key business concern. Half of those surveyed stated that it took their company more than a month to compile information for compliance reporting. Respondents also indicated that in terms of future investments for security technology, they are planning to add identity and access management, and vulnerability management technology in the next year.
Read more about:
2005You May Also Like