The State of IT Security for 2019: Results from our Survey
In 2018 alone, multiple security regulations became effective across the globe, most notably the European Union’s General Data Protection Regulation (GDPR), and additional regulations are on their heels. As a result, businesses already grappling with increasingly sophisticated cybersecurity attacks now must contend with additional regulatory requirements.
To check the pulse of IT teams managing security, Syncsort surveyed over 300 IT professionals on the state of security in their organization, more than a third of whom had firsthand knowledge of security for IBM i systems.
Full Results: State of IT Security Survey for 2019
IT Security Survey Highlights
When asked their overall IT priorities for 2019, security ranked as the #1 priority for both the complete set of respondents (42%) and the IBM i subgroup (35%). When asked their security challenges, both groups ranked “Growing complexity of regulations” as their #2 concern behind only “Adoption of cloud services.” Clearly security is a broad concern that crosses industries and platforms.
Meeting compliance regulations
The regulations the two sets of respondents reported as applying to their businesses differed somewhat based on the core markets for each platform. IBM i, for example, is heavily adopted in transaction-oriented verticals such as banking, financial services, manufacturing and healthcare, and therefore respondents reported a focus on regulations such as SOX (40%), GDPR (36%), HIPAA (32%) and PCI DSS (32%). However, respondents across the board were subject to multiple regulations.
Some might be overconfident
Unfortunately, responses related to confidence in security programs and compliance efforts seemed out of sync with reported abilities to deliver. Approximately 85% of both total respondents and the IBM i subgroup reported that they were very confident or somewhat confident in the effectiveness of their organization’s security program. However, 45% of general respondents and 41% of respondents with IBM i insights reported that their organization had experienced a security breach, with 20% and 16% of respondents respectively unsure about whether their security had been breached.
It is noteworthy that 25% of IBM i breaches reportedly involved theft of sensitive data, and in both populations, not a single security metric (e.g. mean time to detect, mean time to respond) was achieved by even 50% of respondents. Concerningly, the confidence reported by respondents did not align with their ability to prevent breaches and meet Service Level Agreements.
Room for security improvements
The survey highlighted two areas where IT organizations could strengthen their security practices. As described in Syncsort’s “The Essential Layers of IBM i Security” white paper, building overlapping layers of security is a best practice to provide multiple lines of defense against a breach. However, IBM i respondents reported having implemented primarily network and endpoint security measures: Network firewall (64%), Malware protection (58%) and Virus protection (55%). Other solutions that address authentication, system and database auditing, user privilege management, and encryption were reported by fewer than 50% of IBM i respondents. The full set of respondents reported a similar focus with the exception of increased adoption of encryption and intrusion detection and prevention systems (53% each). By focusing on additional layers of security, IT teams can increase their ability to block a would-be intruder that compromises any single layer.
Auditing also seemed to be a potential Achilles’ heel for survey respondents. While only 23% percent of all respondents audit their security and compliance on a quarterly basis, 30% of IBM i users audit quarterly. Kudos to those IBM i respondents that audit frequently, but the remaining organizations should consider auditing more often than the annual audit required by various regulations. The use of independent, third party auditors was reported by only 46% of IBM i respondents and 44% overall. As noted in Syncsort’s eBook “Passing Your Next Audit: The Challenges of Properly Securing Your IBM i and Maintaining Compliance,” the use of external experts that understand platform-specific security concerns is best practice. For those who rely on audits by internal staff today, it’s time to consider the use of external resources for a more impartial assessment.