Don’t Let Your Customers Get a False Sense of Security

For some reason, this week in particular I came across a lot of interesting—and downright scary—IT security data, from costs of security breaches to the sheer amount of cybercrime activity to the loss of productivity of employees who have been victims of identity theft.

At the same time, CompTIA released the results of a new study saying organizations appear more confident than ever about their readiness against a possible attack. But there is a catch: CompTIA also warns that this bravado may be causing a false sense of security and new threats can be easily overlooked. I couldn’t agree more.

I’ve been covering the IT industry for just shy of 25 years and one thing I can tell you is that hackers, spammers and other cybercriminals keep getting more sophisticated and there’s always one group or individual one step ahead of security technology. Solution providers know this and it’s their job to make sure their customers know it.

Here are some stats that were recently released by KnowBe4:

Contrast this with what CompTIA revealed and you’ve got a big problem for business and a big opportunity for solution providers. “Organizations are overwhelmingly confident in their readiness to combat security threats, but may not be prepared for dangers linked to new technology models and increasingly sophisticated threats,” CompTIA said, citing its 11th Annual Information Security Trends study. In fact, 82 percent of companies surveyed said their current level of security is mostly or completely satisfactory.

Further, just 13 percent of companies surveyed said they actually have made any drastic changes to their IT security approach over the past two years. This is particularly troubling, as it comes at a time when businesses have embraced new technologies and policies around cloud computing, BYOD and social networking—a hacker’s dream.

CompTIA highlights this irony. “The use of new technologies necessitates a change in security approach,” said Seth Robinson, director, technology analysis, CompTIA, in a prepared statement. “It’s clear why companies view security as a top priority; but what’s less clear is whether they are fully aware of which actions to take to build an appropriate security posture for a new era of IT.

“Many organizations may be assuming a satisfactory level of security without truly performing the due diligence to understand their exposure and build an appropriate security posture for a new era of IT,” Robinson continued. “To truly ‘move the needle’ on security readiness, the overall approach must be re-evaluated from the top level of the business down through all departments.”

Here is where the role of the solution provider becomes critical. Solution providers need to educate their customers on the continued risk of IT security breaches and make sure their systems and information are safeguarded and their defenses are current. It’s an ongoing opportunity.

Knock ’em alive!