As many as 76 per cent of UK IT professionals are confident about their organisations’ security measures and processes, despite the fact that 84 per cent have suffered from a significant attack, according to research.
The SolarWinds Information Security Confidence Survey, produced in conjunction with Enterprise Management Associates, surveyed 168 IT practitioners, managers, directors and executives in the UK from small- and medium-sized businesses.
The survey found that, while confidence is high, adherence to security best practices is lacking and potentially indicates a false sense of security.
"The general over-confidence demonstrates why we are seeing more breaches," said David Monahan, research director for risk and security management at Enterprise Management Associates.
"Much of this confidence appears to come from the concept that compliance is equivalent to security. Knowing that all of the major retailers that have experienced breaches in the last year have been considered compliant, we know that is not true."
Just over a third (39 per cent) of IT professionals said their organisation does not have defined security best practices or, if they have them, does not regularly follow the processes.
The good news is that two thirds (61 per cent) of respondents said their departments’ security budgets increased this year in comparison to last year.
