Survey highlights major risks that worry information security professionals

Citrix has released a revealing report that highlights some of the key risks that are keeping information security teams awake at night. In total, 399 IT and security professionals across the UK participated in the survey. The survey centred on risks grouped into the following four categories:

  1. Risks created by outdated and inefficient IT security technologies.
  2. Risks created by compliance with regulations, notably the GDPR (General Data Protection Regulation).
  3. The proliferation of unapproved applications and devices in the workplace. This includes general ‘dysfunction’ due to generational differences in the organisation.
  4. Risks created by cyber crime, employee negligence and organisational dysfunction.

76% said their existing security solutions are outdated and inadequate

Respondents said their security solutions are outdated and fail to protect their organisation from cyber crime and security risks related to employee behaviour and organisational problems.

In addition, fewer than half of the respondents believe their security infrastructure facilitates compliance and regulatory enforcement.

Respondents further said they were worried about how their organisations will address the risks brought about by new international privacy and security regulations and cyber security mandates.

Start with ISO 27001

ISO 27001 and its best-practice code ISO 27002 provide the full framework for developing an ISMS (information security management system) to manage information security risks and enable the organisation to achieve its regulatory and compliance objectives.

ISO 27001 is a certifiable standard and encompasses the three essential aspects of a comprehensive information security regime: people, processes and technology.

By implementing measures to protect information using this three-pronged approach, the company is able to defend itself not only from technology-based risks, but also from other, more common vulnerabilities, such as poorly informed staff or ineffective procedures.

ISO 27001 is the globally accepted standard for managing information security, with a global annual growth rate of 20%, making it the third fastest-growing standard in the world.

Get an ISO 27001 gap analysis today

Get an expert opinion on the resources, timescales and plans you need to achieve ISO 27001 certification-readiness with a detailed gap analysis based on your company’s existing information security posture.
