Gaps in IT security are costly. Arbitrarily acquired ad hoc solutions can short-circuit the best security concepts – and these too are becoming increasingly complex.
Companies recorded revenue losses of more than 20% in some cases as a result of security incidents last year. These are the findings of Cisco’s Annual Cybersecurity Report 2017 . To make matters worse, some of the affected companies are seeing deteriorating future prospects: 22% of affected companies have lost customers in the wake of an attack.
Cisco mentions both the increasing professionalism of the attackers and the lack of risk awareness among many employees as causes. Shadow IT – i.e. arbitrarily introduced cloud applications – thus constitutes a significant danger. According to the report, one in three cloud applications is high-risk. The latest eco security report (2016) estimates that 76% of companies in Germany are using unauthorized hardware and (cloud) software. The problem is usually less the solution per se – which may be fine – but the fact that it is not integrated into the centralized security and password management. According to the Cisco study, this is becoming increasingly difficult even for regular IT procurements, due to the complexity involved: 65% of respondents are using more than six different security solutions.
Cyber Security Report 2017 does at least confirm companies’ raised awareness of IT security issues, especially once they’ve been affected. Cisco sees budget constraints, the lack of system compatibility and the lack of skilled workers as the biggest hurdles on the way to an improvement in the security situation.