Cybersecurity has swept the world. According to a report from Business Insider Intelligence, initiatives for cybersecurity will spend an estimate of $655 billion to protect information on PCs, mobile devices, and Internet of Things devices by 2020. With attacks becoming more sophisticated, the time is now for businesses to invest in even more sophisticated cybersecurity.
However, this is not the case.
In fact, many companies have a gap between their security and development teams. A survey conducted by Threat Stack exhibits just that — companies don’t take security as seriously as they should. Here’s three reasons why companies put cybersecurity on the backburner:
1.) Developers and Operations do not have security training.
Probably the most devastating, companies do not train their developers and operations to properly secure their work. 60% of the surveyed companies do not integrate security in the DevOps process. It’s no wonder why so many leaks and security issues come up; the product is never made fully secure in the first place. The irony is that companies know this problem exists, but they still do not take action against it. This is why the survey says that 57% of operations teams don’t pursue best security practices and 62% of operations pushes back when asked to properly secure their work.
2.) Executives don’t follow through with security initiatives.
Many officers love to talk about their efforts in developing strong security for their customers. If these executives put some money where their mouth is, there would not be as many security problems. However, although the surveyed companies have good intent, they have terrible practice. 85% of the companies say it is an important goal to bridge the gap and establish practices between security and operations. The reality, though, is that 18% of the organizations say security operations are not established at all. The even more terrible conclusion of the study is that 52% of companies sacrifice security for speed. If only executives could make sure to follow through on security initiatives for Devops teams, we could prevent many of the pithy leakages we see today.
3.) Enterprises with the cloud don’t take care to secure their infrastructure
The cloud has been an amazing asset to companies. That’s why so many rely on it, day in and day out, to manage their files and work. Still, this dependency on the cloud creates an innumerable amount of risks, especially with employees sharing files with sensitive information with unauthorized recipients. With a little care of classifying files and implementing procedures, unwanted leaks on the cloud could be avoided. Gartner states that 60% of enterprises that implement proper cloud visibility and control will have one-third fewer security failures by 2018. But, the more than 50% of security operations professionals rate their enterprise’s cloud security as “average or worse”. In a world where the cloud is so integral in business practices nowadays, cloud security is falling heedlessly behind.
Cybersecurity may not be the easiest facet of a company, but it also happens to be one of the most vital. The future of your company may well rest in how you address the new security problems of modern technology.
This post was thanks to Kriptos.