Since so much security news is bad or negative, I thought I’d go for a change of pace and write about something a little more positive today. According to new research from SolarWinds, we’re seeing serious improvement in organizational approaches to security preparedness and effectiveness.
In North America, 50 percent of companies are more secure than they were a year ago. Numbers are slightly lower in the United Kingdom, with 40 percent of companies reporting better security over the past year. It appears that organizations are finally stepping up to improve their security posture.
And it is paying off. The SolarWinds study found that 55 percent of companies didn’t experience a data breach last year, and IT professionals believe that they are less vulnerable than they were a year ago.
Now, just because they weren’t breached doesn’t mean there were no attempts. So what are these companies doing to keep attempts from becoming full-blown attacks? They are improving their security posture with some very basic adjustments: implementing better patch management, utilizing data logs, using encryption, and improving cybersecurity education and training for employees.
At the same time, we’re also beginning to see how big tech companies are stepping up to assist other organizations, in particular SMBs, with security efforts. For example, Engadget reported that Google, Microsoft, Yahoo, Comcast and LinkedIn are working together to provide encrypted email services. The new system:
checks if the domain you're sending to supports SMTP STS and makes sure its encryption certificate is authentic and up to date. If everything checks out, it allows your message to go through. But if it detects something suspicious, it will stop the email from sending and will notify you of the reason.
It’s pretty amazing how well these very easy-to-deploy adjustments work, isn’t it? It makes you wonder why so many businesses continue to drag their feet when it comes to implementing even minor security improvements. In a formal statement, Mav Turner, director, business strategy, SolarWinds, also noted how these simple adjustments can make a big difference, but he had a warning about not getting too complacent:
The most surprising finding of the survey is just how many organizations are less vulnerable today than they were a year ago, and, on a related note, how many have implemented security technologies and better security training. While this is a sign the industry is trending in the right direction, it’s important for IT professionals to never get too confident in their organizations’ security posture, which could potentially result in overestimating one’s defenses.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba.