Using More Complex IT Security Strategies Does Not Necessarily Increase Security, Survey Finds
The survey, conducted by Hornetsecurity, finds that organizations have enabled more Microsoft 365 security features as they have been increasingly targeted by cyberattacks over the past year.
PITTSBURGH , June 21, 2022 /PRNewswire/ — A Global Network IT Security and Compliance Survey of more than 800 IT professionals have found that the rate of IT security incidents increases as Microsoft 365 security features are used. Organizations using Microsoft 365 that use 1 or 2 of its stock security features reported attacks 24.4% and 28.2% of the time, respectively, while those using 6 or 7 features reported attacks respectively 55.6% and 40.8% of the time. Overall, it was found that 3 in 10 organizations (29.2%) using Microsoft 365 reported a known security incident in the past 12 months.
Conducted by Hornetsecurity, a leading provider of security and backup solutions for Microsoft 365, the survey indicates that while the use of additional security features is essential, it is more practical to use proven and user-friendly solutions. – preferably performed by dedicated security professionals. .
What do IT security professionals say?
Hornetsecurity experts say these findings could be due to a number of factors. They highlight the likelihood that organizations with a high number of security features implemented have done so following sustained cyberattacks over a period of time, in an attempt to mitigate security threats.
They also suggest that the more security IT teams attempt to implement, the more complex the security system becomes. Features can be misconfigured, leaving vulnerabilities. This is supported by the fact that 62.6% of respondents indicated that the main obstacle to implementing security functions within their organization is “lack of time or resources”.
Another theory is that using more features can contribute to a false sense of security within the organization. This might cause it to stop paying close attention to potential security threats, believing that all these features will protect them without having to put in extra active effort.
“It’s a game of cat and mouse. As you grow, you add security features, but you also become more susceptible to attack because you’re a more lucrative target. Yet, you need to stay ahead of the criminals trying to harm your organization. Our survey results clearly showed that relying on inventory security features for digital security is insufficient,” said Daniel HoffmanCEO of Hornetsecurity.
“Organizations must proactively find ways to identify invisible vulnerabilities and take a diligent and holistic approach to cybersecurity, rather than relying on what is available and reacting only when it is too late.”
What barriers do IT professionals face in implementing security features in their organizations?
Surprisingly, a quarter of respondents (25.7%) who employ more than 50 people and have compliance requirements do not employ a dedicated compliance officer or IT security officer. Several factors contribute to the lack of attention paid to IT security and compliance in medium and large enterprises.
Nearly 2 in 3 (62.6%) IT professionals surveyed cite “lack of time or resources” as the biggest barrier to implementing security functionality in their organization. Next, respondents cite a “lack of budget” (44.6%), “problems with skills and/or a lack of knowledge” (36.2%) and a “lack of interest from management” (23 .1%).
All of the above findings indicate a general lack of urgency surrounding security within organizations. Only 2% of respondents said they had no security barriers, and more than half of respondents (55.5%) said their organization did not have a process in place to track and change review – an essential tool for identifying security threats. .
What are the most commonly used security features in organizations?
Of the 11 security features listed in the survey, “spam filtering” was the most popular, with 84.4% of respondents reporting its use within their organization. “Multi-factor authentication” (82.7% of respondents) follows closely behind. ‘Web traffic filtration’, ‘permission management’ and ‘computer security awareness training for users’ are used by 68.8%, 66.4% and 61.2% respectively.
The least common security measure was “SIEM solution,” with only 14.1% of respondents implementing such a measure. However, “SIEM Solutions” had the highest incident rate at 42.1%, supporting the idea that more advanced security is needed as organizations become a bigger target.
About Hornetsecurity Group
Hornetsecurity is the leading provider of security and backup solutions for Microsoft 365. Its flagship product is the most comprehensive cloud security solution for Microsoft 365 on the market, offering robust, comprehensive and award-winning protection: spam and virus filtering, phishing and ransomware protection, legally compliant archiving and encryption, advanced threat protection, email continuity, signatures and disclaimers. It is an all-in-one security package that even includes backup and recovery of all data in Microsoft 365 and user endpoints.
Hornetsecurity Inc. is based in Pittsburgh, Pennsylvania with other North America offices at washington d.c. and Montreal Canada. Globally, Hornetsecurity operates in over 30 countries through its international distribution network. Its premium services are used by around 50,000 customers, including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung and CLAAS.
Please contact us on [email protected].
888-317-4687 ext. 707