SailPoint, the leader in enterprise identity management, today announced the results of its 9th annual Market Pulse Survey which explores how enterprises are changing their approach to security, amid an evolving threat landscape that sees almost daily announcements of data breaches, including some of the largest ever recorded. This years’ Market Pulse Survey found that of the 50 per cent who reported being breached in 2016, the average material impact to the business was £3.1million ($4m). The survey also found that 35 per cent of companies suffered two or more breaches in the last twelve months. Unfortunately, 3 in 5 expect to be breached in 2017, with 29 per cent believing they won’t even know they were breached when it happens. As a result, survey respondents are focused on mitigating their exposure points as an organisation – with 65 per cent seeing identity management as a foundation of their security strategy.
The SailPoint Market Pulse Survey provides a global benchmark into how IT decision-makers are navigating today’s compliance and security challenges. The company commissioned independent research firm Vanson Bourne to interview 600 senior IT decision-makers at organisations with at least 1,000 employees across Australia, France, Germany, Italy, the United Kingdom and the United States.
The report did find some common areas of risk that organisations need to address:
Documents and files may be an enterprise’s biggest downfall in 2017: Unstructured data that lives outside of structured corporate systems and applications is a huge red flag for enterprises today – even though that data runs rampant through a typical enterprise, 41 per cent aren’t sure how to manage and protect that data from theft.
Employees need to understand – and follow – corporate security policies: Over one-third of respondents (42 per cent) cite trends like Bring-Your-Own-Device (BYOD) and Shadow IT as great areas of risk for their organisation, yet less than half have formalised corporate security policies in place. Coupled with the risks posed by continued poor password hygiene cited by 25 per cent of respondents, it’s clear that enterprises need to better outline and enforce corporate security policies, company-wide.
The contractor workforce is an enterprise blind spot: The surge in freelancers, contract workers and other third parties that make up today’s diverse workforce presents a significant challenge for organisations as it relates to managing identities and their access. 46 per cent of respondents are concerned with the threat that contractors may pose to their organisation, with 70 per cent admitting they don’t have full visibility into the access contractors have to corporate systems and the sensitive data that lies within.
“This year’s Market Pulse Survey highlights that the conversation is clearly changing as organisations consider how to mitigate their risk – or minimise their exposure when a breach happens,” said Juliette Rizkallah, chief marketing officer for SailPoint. “This is a positive change, as fostering open conversations and best practices will only benefit these organisations when they find themselves in the unfortunate position of being breached. The common areas of exposure can be addressed, but many organisations are struggling with how or even where to start. This report provides a clear roadmap for them to get their house in order.”