Security Survey: 1 in 10 Cheat on IT Audits

Wednesday, June 30, 2010 @ 05:06 PM gHale

In order to pass an IT audit, 1 in 10 IT professionals admit they or a colleague have cheated.
Among those who have cheated, they cited lack of time and resources as the main reasons, underlining the ever increasing pressure on today’s IT departments, according to the survey conducted by security lifecycle management company Tufin Technologies based in Ramat Gan, Israel. The survey consisted of 242 IT professionals mainly from organizations employing 1000 to 5000+ employees.[private]
When it comes to firewalls, 25% said audits take a week to conduct. The survey also showed more 30% of respondents only audit their firewalls once every 5 years and 7% never even conduct an audit. As it turns out, 36% of IT professionals admit their firewall rule bases are a mess increasing their susceptibility to hackers, network crashes and compliance violations.
The survey also found:
• 31% only audit their firewalls once a year
• 22% don’t know how long it takes to audit their firewalls
• Of those that admit their firewall rule base is a mess, 25% believe this makes their network susceptible to crashes and 38% susceptible to compliance violations
• 56% responded that automation tools would save them a lot of time
While companies pay attention to the firewalls selection process, and invest millions in acquiring it, much less attention and resources go toward making sure the firewalls remain optimized at all times for potential security risks and compliance breaches.
Despite the tough economic times, IT has remained high on the budget priorities with 59% of companies saying they have not cut back at the expense of their company’s security, according to the survey. With malware at record highs and more and more compliance legislation coming, companies are not cutting back on IT budgets.
To view the complete survey results, click here. [/private]

Leave a Reply

You must be logged in to post a comment.