Half of IT security leaders don’t know if their cybersecurity tools are working, according to a report from the Ponemon Institute and AttackIQ.
When asked why data breaches still happen, despite investments in cybersecurity technologies, IT and security professionals gave the following 12 reasons, the report found:
- Attackers are persistent, sophisticated, well trained and well financed (70%)
- It is difficult to protect complex and dynamically changing attack surfaces (66%)
- There is a lack of adequate security staff with the necessary skills (65%)
- Human error (62%)
- Inability to prevent employees from falling for a phishing scam (61%)
- Networks are not scanned frequently for vulnerabilities (58%)
- Lack of visibility into the operations of our security program (56%)
- Lack of control over access privileges (50%)
- System glitches (49%)
- Difficulty keeping security tools updated (48%)
- Misconfigured or incorrectly installed tools (45%)
- Threats that have evaded traditional security defense and are now inside the IT environment (39%)
Read full article here.