News

InfoSec professionals spend most of their time and money on self-inflicted security issues

Wednesday 22 July 2015 09:55 CET | News

InfoSec professionals are spending the biggest amount of their time and budgets on security problems created within the organization itself, a recent study indicates.

According to data from a survey conducted on Black Hat Conference attendees, 35% of respondents stated that security flaws introduced by their own application development teams requires the largest amount of time. Purchased software and systems ranked second with 33% of respondents mentioning this.

The same source also indicates that dealing with sophisticated targeted attacks was sixth on the list, with 20% of respondents choosing it as one of the three areas where they spent the most time. However, 57% percent declared that their biggest concerns were sophisticated attacks directed at their organization.

When it comes to spending, 26% of respondents mentioned that sophisticated targeted attacks is one area that needed the biggest part of their security budgets, tying for first place with accidental data leaks caused by end users not following company security policies.

Research also provides several information regarding respondents’ perspective on the Internet of Things. According to results, 36% said they believed that IoT-based attacks will be their biggest concern in two years. However, only 3% declared that the IoT was one of the top three budget priorities for the current year (2015).

Moreover, findings reveal that almost three quarters of respondents (73%) said they were likely to have a significant compromise in the coming year, and a large majority also said they didnt have enough resources to deal with the threats they were facing.

The study was conducted in June 2015 on a sample of 460 security professionals, both management and staff, predominantly at large companies.
 


Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: InfoSec, security, online fraud, Black Hat, internet of things, security attacks
Categories: Fraud & Financial Crime
Companies:
Countries: World
This article is part of category

Fraud & Financial Crime