SOURCE: SolarWinds


November 25, 2014 04:35 ET

SolarWinds Survey Reveals 76 Percent of UK IT Pros Rank Their Organisations' Security Above Average, Though 84 Percent Have Suffered From a Significant Attack

A Lack of Widespread Adherence to Best Practices Combined With the Number of Organisations That Have Suffered a Significant Attack Potentially Indicates a False Sense of Security

CORK, IRELAND--(Marketwired - Nov 25, 2014) - SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT performance management software, today released the results of its Information Security Confidence Survey, which explored IT professionals' confidence in their organisations' security measures and processes. The survey found that while confidence is notably high, likely the result of several key factors, widespread adherence to security best practices is lacking and significant, damaging attacks continue, potentially indicating this confidence is a false sense of security.

"Organisations are taking positive steps toward improving their information security; most notably in terms of budget and resources," said Mav Turner, director of security, SolarWinds. "It's important, however, to never fall into the trap of over-confidence. IT pros should do everything they can to ensure the best defences possible, but never actually think they've done everything they can. This approach will ensure they are proactively taking all the steps necessary to truly protect their organisations' infrastructures and sensitive data."

Fielded in October 2014 in conjunction with Enterprise Management Associates, the survey* yielded responses from 168 IT practitioners, managers, directors and executives in the UK from small and midsize enterprise companies.

"The survey brought out many interesting and disturbing trends," said David Monahan, research director, risk and security management, Enterprise Management Associates. "The general over-confidence demonstrates why we are seeing more breaches. Much of this appears to come from the concept that compliance is equivalent to security. Knowing that all of the major retailers that have experienced breaches in the last year have been considered compliant, we know that is not true."

Survey Findings

1. IT professionals are confident in their organisations' security measures and processes.

In fact, 76 percent of those surveyed said they consider their organisations to be very secure, falling within at least the 30th percentile of the most secure organisations, with 10 percent of those believing their organisations are in the top 10th percentile. In addition, 79 percent said their IT departments currently have sufficient resources to keep their organisations secure.

2. Increased budget, man-power and integration between security and other IT processes and operations, such as network and system administration, are likely driving this confidence.

For example, 61 percent of those surveyed reported their departments' security budgets increased from last year to this year. Moreover, only 1 percent said their organisations do not have at least one staff member responsible for security, and 99 percent said they have more than one. This man-power could explain why 54 percent said they are able to test their defenses at least monthly. Finally, 35 percent said their IT departments tightly integrate security and other IT processes and operations, while all others reported at least some level of interaction.

3. Widespread adherence to security best practices is lacking and damaging attacks continue to plague organisations, potentially indicating this high level of confidence is a false sense of security.

Though 31 percent of respondents do not believe their organisations are a target for an attack and another 21 percent said they feel they are at low risk of a successful attack, 84 percent reported their organisations have experienced a significant attack, with 35 percent reporting that it took at least one month to discover the attack. Furthermore, 39 percent also said it took at least one month to recover from the attack (get the affected systems/applications back online/operating and the security hole mitigated).

Underscoring this is that 39 percent said their organisations either do not have defined security best practices or if they have them, do not regularly follow them.

*Full survey results available upon request.

Connect with SolarWinds

About SolarWinds
SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500® enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our thwack® online community to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at

SolarWinds, SolarWinds & Design and thwack are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other company and product names mentioned are used only for identification purposes and may be or are intellectual property of their respective companies.

© 2014 SolarWinds Worldwide, LLC. All rights reserved.

Contact Information