The use of more complex IT security strategies does not
London, UK, June 21, 2022 (GLOBE NEWSWIRE) — Hornetsecurity’s survey reveals that organizations have enabled more M365 security features as they have been increasingly targeted by cyberattacks over the past year.
A global IT security and compliance survey of more than 800 IT professionals found that the rate of IT security incidents increases as Microsoft 365 security features are used. Organizations using Microsoft 365 that use 1 or 2 of its stock security features reported attacks 24.4% and 28.2% of the time, respectively, while those using 6 or 7 features reported attacks respectively 55.6% and 40.8% of the time. Overall, it was found that 3 in 10 organizations (29.2%) using Microsoft 365 reported a known security incident in the last 12 months.
Overall, the survey results indicate that while the use of additional security features is essential, it is more practical to use proven, user-friendly solutions – preferably performed by dedicated security professionals.
What do IT security professionals say?
Experts from Hornetsecurity, a leading provider of security and backup solutions for Microsoft 365, say it could be due to a number of factors. They highlight the likelihood that organizations with a large number of security features implemented have done so following sustained cyberattacks over a period of time, in an attempt to mitigate security threats.
They also suggest that the more IT teams attempt to implement security features, the more complex the security system becomes. Features can be misconfigured, leaving vulnerabilities. This is supported by the fact that 62.6% of respondents indicated that the main barrier to implementing security functionality in their organization is “lack of time or resources”.
Another theory is that using more features can contribute to a false sense of security within the organization. This might cause it to stop paying close attention to potential security threats, thinking that all these features will protect them without having to put in extra active effort.
“It’s a game of cat and mouse. As you grow, you add security features, but you also become more vulnerable to attack because you are a more lucrative target. Still, you need to stay one step ahead of criminals trying to harm your organization. Our survey results clearly showed that relying on inventory security features for digital security is insufficient,” said Daniel Hofmann, CEO of Hornetsecurity. “Organizations must proactively find ways to identify invisible vulnerabilities and take a diligent and holistic approach to cybersecurity, rather than relying on what is available and reacting only when it is too late.”
What barriers do IT professionals face in implementing security features in their organizations?
Surprisingly, a quarter of respondents (25.7%) who employ more than 50 people and have compliance requirements do not employ a dedicated compliance officer or a dedicated IT security officer. Several factors contribute to the lack of attention paid to IT security and compliance in medium and large enterprises.
Nearly 2 in 3 (62.6%) IT professionals surveyed cite “lack of time or resources” as the biggest barrier to implementing security functionality in their organization. Next, respondents cite a “lack of budget” (44.6%), “problems with skills and/or a lack of knowledge” (36.2%) and a “lack of interest from management” (23 .1%).
All of the above findings indicate a general lack of urgency surrounding security within organizations. Only 2% of respondents said they had no security barriers, and more than half of respondents (55.5%) said their organization did not have a process in place to track and change review – an essential tool for identifying security threats. .
What are the most commonly used security features in organizations?
Of the 11 security features listed in the survey, “spam filtering” was the most popular, with 84.4% of respondents reporting its use within their organization. “Multi-factor authentication” (82.7% of respondents) follows closely behind. ‘Web traffic filtration’, ‘permission management’ and ‘computer security awareness training for users’ are used by 68.8%, 66.4% and 61.2% respectively.
The least common security measure was “SIEM solution,” with only 14.1% of respondents implementing such a measure. However, “SIEM Solutions” had the highest incident rate at 42.1%, supporting the idea that more advanced security is needed as organizations become a bigger target.
About Hornetsecurity Group
Hornetsecurity is the leading provider of security and backup solutions for Microsoft 365. Its flagship product is the most comprehensive cloud security solution for Microsoft 365 on the market, offering robust, comprehensive and award-winning protection: spam and virus filtering , phishing and ransomware protection. , compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It is an all-in-one security package that even includes backup and recovery of all data in Microsoft 365 and user endpoints.
Hornetsecurity Inc. is headquartered in Pittsburgh, PA with additional North American offices in Washington DC and Montreal, Canada. Globally, Hornetsecurity operates in over 30 countries through its international distribution network. Its premium services are used by around 50,000 customers, including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung and CLAAS.
Please contact us at [email protected]
Using More Complex IT Security Strategies Does Not Necessarily Increase Security, Survey Finds