View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Why IT departments are putting their companies at risk of cyber attacks

About 5% of organisations believe they can deal with targeted cyber-attacks.


An increasing number of IT departments are putting their organisations at risk of internal and external cyber attacks as they fail to monitor their employees’ behaviour, according to the latest research.

The study of 500 IT and security professionals from SMEs and organisations with more than 75,000 employees found 55% have either zero or low visibility of their employee behaviour, in particular which applications and software they can access and download.

When asked how many of their employees have administrator privileges, about 31% of staff, on average, had this.

The study by privilege management firm Avecto and the Ponemon Institute also revealed that a quarter of respondents cannot determine the number of IT users with administrator privileges, despite 34% of their time being spent on managing their profiles.

Paul Kenyon, co-founder and EVP of Avecto, said: "The lack of visibility that IT security professionals have in terms of user behaviour and admin rights, combined with more sophisticated attack vectors, is making securing and managing the endpoint a growing challenge.

"As a result, this is opening up a huge variety of internal and external vulnerabilities."

He added: "As businesses move to Windows 7/8 in the wake of XP support expiration, they are finding new challenges in the way they have previously managed endpoint security.

Content from our partners
European Technology Leadership: Deutsche Bank CTO Gordon Mackechnie
Print’s role in driving the environmental agenda
What finance leaders get wrong about digital transformation

"It is now more important than ever that organisations invest in the security measures they need to protect themselves."

The research also revealed that 52% of organisations do not have the correct technology in place to prevent targeted cyber-attacks, while another 80% admitted they find it difficult to secure the endpoint.

Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said: "While preventing targeted attacks is considered a high priority, only 5% of respondents said their organisation is fully prepared to deal with them.

"Organisations must deploy a layered approach to endpoint security or they will risk opening their systems up to vulnerability from multiple threat sources. The new age of cyber-attacks requires modern defences and companies must act quickly."

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy