Businesses must adopt a holistic approach to security that cuts across all levels of compute, network, storage, clouds and devices to detect and respond to cyber-attacks
VMware has unveiled new research from the Economist Intelligence Unit (EIU), which shows significant misalignment between corporate and IT leadership on cyber security investment and protection priorities. With the cost of cybercrime continuing to escalate, and The Australian Crime Commission estimating the annual cost to Australia being over $1 billion in direct costs, and perhaps as high as one per cent of GDP a year – or about $17 billion, Australian businesses need to take cybersecurity much more seriously and pursue more effective defence and mitigation strategies.
“Border-based network security has proven to be somewhat effective, but with more than 70 percent of successful cyber-attackers gaining insider access through lost, stolen or weak credentials, it’s clearly not enough. Organisations need to look seriously at how to extend security deeper into the data centre, and with VMware’s NSX, we can offer a unique security solution at the hypervisor level,” said Raymond Maisano ANZ sales director for software-defined data centre (SDDC), VMware. “Today’s security breaches are inevitable, but by deploying new security measures inside the data centre, damage can be mitigated and managed like never before. With this new approach to IT infrastructure and network management, the IT security industry has an opportunity to chart a new path forward.”
A layer in between physical infrastructure and applications is now necessary for businesses to detect and respond to cyber-attackers taking advantage of new gaps or exposed frontiers. Virtualization has become the most ubiquitous infrastructure layer covering compute, network, storage, clouds and devices. As such virtualization creates the foundation for a comprehensive architecture that enables security to be built in and cover all bases.
Increased Vulnerabilities Reinforce the Need for an Enhanced Approach to Security
Given the complexities of an increasingly digital business world, current security methods may not be keeping pace. As organisations accommodate employee demands for workplace mobility and continue on their digital transformation journeys, applications and user data are on more devices in more locations than ever before. Cyber-attackers can now undertake numerous potential points of entry within an organisation’s ever-expanding network.
“Forward-thinking organisations understand that the reactive security of today is no longer doing its job. They also acknowledge that people and systems can be easily bypassed or blindsided if the business lacks a ubiquitous IT architectural plan that cuts across all levels of compute, network, storage, clouds and devices. By taking a software-defined approach to IT that ensures security is ‘architectured’ into everything, these businesses have gained the flexibility required to succeed as a digital business,” said Raymond Maisano ANZ sales director for software-defined data centre (SDDC), VMware.
New Research Highlights Misalignment on Corporate Priorities and Future Budget Expectations
In addition to calling for a comprehensive IT security architecture, Raymond Maisano highlighted EIU research that demonstrates there is still work to be done to build alignment between the C-Suite and IT leaders around corporate priorities and future budget expectations. Specifically, the study found:
- Eight in 10 IT leaders (84 per cent) and 75 per cent of C-suite business leaders in Australia indicated that they experienced an increase in cyber-attacks on their firms in 2015.
- Businesses are under increasing risks from serious cyber-attacks, with more than a fourth (nearly 29 per cent) expecting to be hit in the next 90 days.
- While IT leaders regard cyber security as their number one corporate priority, only five per cent of C-suite business leaders share that view.
- Nearly 27 per cent of IT leaders believe they will see a significant security budget increase in the next two years, compared to only 13 per cent of C-suite business leaders foreseeing likewise, despite believing that “underfunded security” is among the greatest risks to their firms.
- 19 per cent of C-suite business leaders indicated that their security teams were not effectively communicating cyber security issues to senior management.
Critical threats identified by both groups were ‘unknown cyber threats that move faster than their defences’, ‘resources and data that may unknowingly reside in the cloud’, ‘employees who are careless or untrained in cyber security’, and ‘illegitimate users and devices accessing corporate networks’.
As cyber threats grow in sophistication, any gaps in security resulting from a ‘disconnect’ between C-suite and IT leaders can lead to the loss of intellectual property, competitive positioning and customer data.
IT leaders must, therefore, become more conversant with business risks and objectives. By having deeper conversations and translating cyber risks into business terms, IT leaders can justify requests for more investment in security. The C-suite can then better understand the business implications associated with evolving threats and make informed decisions around strategy and budgets. The full EIU research paper is available here.
Click to view the EIU research infographic.
About the Research
In January to February 2016, the Economist Intelligence Unit (EIU), sponsored by VMware, surveyed 1,100 senior executives on data security practices within their firms. The survey’s primary objective was to analyse the differences, if any, between the C-suite and senior IT executives on data security. In March, EIU provided additional regional and country-by-country data for 461 senior executives in the APJ region, enabling a deep dive into the data security practices of the C-suite and senior IT executives in Australia, China, Japan, and India.
VMware is a global leader in cloud infrastructure and business mobility. Built on VMware’s industry-leading virtualization technology, our solutions deliver a brave new model of IT that is fluid, instant and more secure. Customers can innovate faster by rapidly developing, automatically delivering and more safely consuming any application. With 2015 revenues of US$6.6 billion, VMware has more than 500,000 customers and 75,000 partners. The company is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com.