Security becomes part of organisational DNA of NZ companies
IDC: Security becomes part of the organisational DNA of NZ companies
AUCKLAND, March 19th, 2018 – IDC New Zealand has released its Security Heatmap which summarises and provides insights into the ICT security issues facing New Zealand organisations. It draws on security data from surveys conducted by IDC New Zealand in 2017.
This year's Heatmap reveals the challenges that New Zealand organisations face when investing in security; their budget plans; investment intent, and sentiment around overall engagement with security service providers.
"The fast pace of technological disruption is necessitating a tremendous amount of work across all levels of NZ organisations to manage the accompanying security risks," says Louise Francis, Research Director at IDC New Zealand. "Two years ago, New Zealand organisations were focused on security at the perimeter, and end-point connections. Now there is a much greater understanding that security must be embedded within all technology deployments and solutions, right from the concept stage. There is also much greater awareness that employees can provide one of the most significant security vulnerabilities to an organisation."
• Within the
mobility threat landscape 70% of the threats can be traced
back to user related factors: uninformed and malicious
users, unsecured devices and unsecured
• Almost a quarter of New Zealand organisations have experienced downtime due to human error and 19% have experienced downtime due to data security breaches within the last year.
• 65% of New Zealand organisations prefer to partly or entirely outsource their security services, and over a third (37%) are planning to renew or expand existing engagements, to ensure their relevance in the next 12-24 months.
• 28% are increasing their security services budgets in 2018, but 9% are decreasing spend.
• While network and content security continue to be the most outsourced security elements, the biggest growth will be driven by app security testing and mitigation of Denial of Service (DDoS) type of attacks as organisations aim to address the security threats to the organisation.
• Trust is extremely important when selecting a managed security service provider. Having an established relationship is the top criterion (see graphic below). Global reach; comprehensive portfolio of solutions; in-country security operations centres (SOCs) and a strong local presence, round out the top five criteria.
"Cybersecurity risks are business risks. CEO’s and CIO’s are becoming acutely aware that they will be challenged to maintain their enterprise’s digital vision, while also addressing increasing security concerns. Security and business risk concerns are now seen as the biggest barriers for organisations seeking to benefit from digital transformation; therefore, IDC expects this to remain a top area of focus for the foreseeable future," says Francis. "But it is important to remember: security is never about the technology. It is an organisational mindset."