By Matthew Kibby, Regional Director, VMware Sub-Saharan Africa
In today’s business world, data is key. It allows companies to make decisions more quickly, maintain their competitive edge and better meet customer needs. More critical systems are being run on emerging digital technologies, letting employees use their applications on any device wherever they are. But as data becomes more valuable, it also becomes more vulnerable, and businesses are becoming increasingly exposed to sophisticated cyber-attacks. A successful hack can have serious implications, and the resulting data breach can see organisations faced with fines and reputational damage.
The threat is so serious that over a third (35 per cent) of IT Decision Makers (ITDMs) across South Africa believe C-Level executives and the Board should be held accountable for a significant data breach. However, almost a fifth (16 percent) of ITDMs do not believe their Board or C-Suite provides the right amount of attention to cyber security issues. Astoundingly, 52 percent of respondents stated that there either is no plan within their overall business strategy for addressing a security breach, or that only a small part of their organisation is aware of there being one. These figures come from research that we’ve carried out looking at the disconnect between the IT department and the wider business when it comes to data security.
Worryingly, the research actually reveals that cyber-attacks are on the rise, with almost a fifth (16 percent) expecting to be hit in the next few days. With the complexities of an increasingly digital business world, current security methods may not be keeping pace. In fact, when given a series of potential threats that may leave their organisation vulnerable to a cyber attack and asked to rank them on a scale of one to five, lack of budget and employees who are careless or untrained in cyber security ranked as one of the highest forms of threat (both at almost three out of five), topped by outdated software and systems security solutions (at 3.4 out of 5).
What the research shows is that there continues to be miscommunication between business and IT decision makers in South Africa, as well as a discrepancy between the perception versus the reality when it comes to an organisation’s vulnerability to attacks as well as their IT readiness to protect themselves against these. Notably there still appears to be a reluctance from corporate South Africa to spending money on new forms of IT security, with the majority of respondents cited that spending would be allocated to ageing technologies that do not provide businesses with a holistic inside out security solution.
Amongst other challenges to local IT departments, the fact that security spending on IT Security is only being modestly increased, is a clear indicator that customers are craving new solutions that will provide them with quantifiable results without having to continue to add new technologies through the IT value chain.
At the same time, companies are increasingly having to look inwards to combat the next threat. Many employees are putting the business at risk simply by trying to be more productive – according to ITDMs, almost a half (47 percent) of employees are allowed to use their mobile device to access corporate data, and 42 percent are aware that their employee’s mobile devices have been hacked.
The question that businesses are facing is what can they do to effectively combat these new cyber breaches without harming wider business productivity?
The key is ensuring a multi-faceted approach. Educating the workforce about security threats and enforcing company-wide compliance policy is an important step in combating any disconnect between IT and the rest of the business. Discussions and transparency between ITDMs and senior management is needed, and IT teams to be encouraged to take ownership of security initiatives. However, behind all of this, a software-defined approach to architecture can provide the foundation for keeping the whole business safe. Virtualization across storage, compute and networking gives the ultimate responsive infrastructure to defend against these new threats, giving organisations the strength and flexibility to fortify security from the inside out.
If you’re keen to understand the security threats facing your businesses, and how your business can better face them, make sure you’re visiting the blog regularly. Next week we’ll have an infographic with even more research on the disconnect between IT and the wider business. We’ll also be giving you our top ten takeaways from the research, so that you’ll be equipped with everything you need to ensure your IT security is equipped to deal with the challenges facing it.
Later in the year we’ll also be running a Crowdchat with a panel of industry experts. The live, online discussion will take an in-depth look at the data security disconnect, and will be your chance to ask any burning questions you’ve got about data security.