Despite recurring headlines reporting high-level cyber attacks on organisations of various sizes, businesses are failing to protect themselves from escalating threats. The latest industry survey by ManageEngine, exploring UK-based IT professionals’ outlook on cyber security and cloud adoption, has revealed startling levels of disregard towards IT security, with almost half of the respondents reporting that they install security updates and patches rarely, only occasionally, or never at all.
This should come as a shock to business leaders who will have without a doubt heard of the infamous WannaCry ransomware attack, which exploited outdated software patches in Windows systems. The UK’s National Health Service was a notable target among the thousands of other companies who also fell victim to the cyber attack. However, those business leaders mustn’t leave it to their IT managers to combat these threats alone. Investment from the C-suite is essential in safeguarding businesses against attacks.
While the survey findings reveal that IT teams and the C-suite are experiencing a stronger working relationship—with 84 percent of respondents stating that their IT department reports to the board of directors or business owner with regular updates—the board must do more than simply take an interest in how efficiently their IT department is running. The board must acknowledge the threats that the IT team faces and take an active role in ensuring the team has the resources it needs to keep those threats at bay.
Finding answers in the cloud
On the bright side, it’s not all doom and gloom. The survey findings also reveal that cloud adoption is on the rise, even among SMEs, despite a general assumption that cloud solutions are costly and only really feasible for larger organisations. In fact, 87 percent of companies in the UK now have an enterprise cloud strategy and of those companies, 40 percent have adopted a hybrid cloud strategy; a further 26 percent have taken a public cloud approach.
When questioned about the impact of cloud usage on business processes, 70 percent of respondents reported that this has been positive, citing a stronger effect on the bottom line and a greater understanding between the IT team and the wider business teams, paving the way for smoother cross-departmental processes.
While this paints a rosy picture for cloud-enabled organisations, 50 percent of IT decision makers say that IT and internet security are their top IT challenges for the next 12 months. It is evident that the security capabilities of the adopted cloud solutions may not have been considered prior to their implementation, or that the chosen solutions are not being fully utilised when it comes to bolstering security.
An enduring solution
According to the survey, 71 percent of UK companies plan to increase their spending on cloud computing in the next year. As cloud spending increases, businesses must ensure that they are investing in solutions that are capable enough to help achieve business goals. Increased IT security must be defined by the C-suite as one of those goals if the business is to be protected against existing and future threats.
Business leaders must look beyond the existing threats and ensure their businesses are future-proof by implementing cloud-based solutions that are capable of safeguarding against emerging threats, such as vulnerabilities in new technologies. The survey found that, when asked to rank which three future technologies will have the biggest impact on business, 45 percent of respondents said that the Internet of Everything will have the biggest impact, followed by artificial intelligence (41 percent), and virtual or augmented reality (33 percent). Each of these emerging technologies, while they may benefit businesses overall, will come with their very own weaknesses through which unprotected IT networks could be infiltrated.
While the C-suite are seen to be taking a more active approach towards IT, and SMEs and larger organisations are enjoying a greater working relationship between IT and upper management, security risks cannot be ignored. It is up to the C-suite to ensure that the IT team has capable solutions that don’t simply increase productivity and efficiency, but ultimately protect the business from external and internal threats.