HOPKINTON, Mass. – Nov 19, 2013 – EMC® Corporation (NYSE:EMC) today revealed a wave of fresh insights about the IT strategies and infrastructures deployed within companies and governments throughout the world. Most notably, respondents cite a startling lack of senior executive confidence that permeates organisations globally, specifically concerning readiness around the critical IT requirements of continuous availability; advanced security; and integrated backup and recovery. Reduced investment in these critical areas threatens the ability of IT infrastructures to withstand and quickly recover from disruptive incidents such as unplanned downtime, security breaches and data loss and underscores the need to adopt progressive strategies to achieve Trusted IT infrastructures.
View complete survey details here. The Global IT Trust Curve survey, administered by independent market research firm Vanson Bourne, spans 3,200 interviews across 16 countries and 10 industry sectors. China received the top maturity ranking: Chinese IT decision makers reported implementing the highest concentration of sophisticated continuous availability, advanced security, and integrated backup and recovery technologies. The United States ranked second in maturity on the IT Trust Curve. Underscoring swift and aggressive technology investments to solidify their world influence, three of the four most mature countries -- China, South Africa and Brazil -- are BRICS nations. Japan ranked last on the IT Trust Curve in the16-nation survey. David Goulden, EMC President and Chief Operating Officer, said, “The four big megatrends in information technology today are cloud computing, Big Data, social networking and mobile devices. Adoption and maturity of these trends must float upon a sea of trust — trust that my information is secure in the cloud, trust that my data won’t be lost or stolen, trust that my IT will be operational when it needs to be — which, these days, is all the time. The more trust that can be earned and guaranteed, the bigger and faster the impact of these trends. Conversely, the less trust that is established, the more limited these trends will be. Where countries fall on the IT Trust maturity curve could affect their overall ability to compete.”
Chief among the findings are: • Lower levels of maturity permeate the globe:
o More than half (57%) of all respondents fall into the lower maturity categories, while only 8% place in the Leader category. o The higher organisations land on the maturity curve, the more likely they are to have already implemented more strategic and leading-edge technology projects such as Big Data Analytics.
• Lack of confidence in technology infrastructure:
o Nearly half (45%) of all respondents globally report that their senior executives are not confident that their organisations have adequate availability, security, and backup and recovery capabilities. In Australia this number decreases to 41%. o When asked about executive confidence levels, the percentage of all respondents within each maturity level who said their senior executives are confident that their organisations have adequate availability, security, and backup and recovery are: Laggard (39%), Evaluator (51%), Adopter (65%) and Leader (81%). Within Australia, the percentages who report their senior teams are confident are: Laggard (33%), Evaluator (45%), Adopter (76%) and Leader (86%). o Japan has the smallest percentage of respondents (31%) reporting that their senior teams have confidence in these key aspects of IT; Germany has the highest percentage (66%). o 19% (nearly one in five) of respondents worldwide cite an overall lack of confidence in their technology infrastructure. In Australia this number decreases to 14%.
• Significant disparity exists between how IT and business leaders perceive improvements:
o While 70% of IT decision makers consider the IT department to be the motivation/drive for future resilient and secure IT infrastructure, the number drops to 50% for business decisions makers when asked the same question. The split within Australia is 61% of IT decision makers and 42% of business decision makers. o A similar perception gap extends in key disciplines such as security. While 27% of IT respondents report being victims of a security breach in the past 12 months, only 19% of business decision makers globally report being victims, indicating they are not aware of all technology incidents that impact the business. The overall average of 23% compares to 21% of all respondents within Australia reporting being victims of a security breach.
• Organisations with higher levels of maturity avoid – and recover more quickly from – disruptive incidents and with reduced consequence. For example, globally:
o 53% of organisations in the Leader segment of the IT Trust Curve reported data recovery time measured in minutes or less for their most mission critical applications. The percentage drops to 27% across all maturity tiers. o 76% of companies in the Leader segment believe they are able to recover 100% of their lost data in every instance versus only 44% in the lowest maturity segment. o Organisations in the lowest maturity segment (Laggard) lost one and a half times more money over the last 12 months as a result of downtime than those in the highest maturity segment (Leader). o Security breaches were the most costly events suffered by respondents globally, who reported an average annual financial loss of $860,273 due to breaches, followed by $585,892 and $497,037 respectively for data loss and downtime. In Australia the averages were $963,947 for security breaches, $701,304 for data loss and $215,776 for downtime. • Widespread unplanned downtime, security breaches and data loss:
o 61% of all respondents’ companies have suffered at least one of the following incidents: unplanned downtime (37%), security breach (23%) or data loss (29%) in the last 12 months. In Australia, the percentages change to: unplanned downtime (32%), security breach (21%) and data loss (24%) in the last 12 months, with 54% experiencing at least one of these. o Top 4 consequences across organisations experiencing at least one of the above incidents within the last 12 months were loss of employee productivity (45%), loss of revenue (39%), loss of customer confidence/loyalty (32%) and loss of incremental business opportunity (27%). Within Australia, the results change to the following: loss of employee productivity (47%), loss of revenue (37%), loss of business to a competitor (32%), and loss of customer confidence/loyalty (30%).
• Budget constraints (52%) reigned as the #1 obstacle to implementing continuous availability, advanced security, and integrated backup and recovery solutions. Resources and/or workload constraints (35%), poor planning (33%) and knowledge & skills (32%) rounded out the top four. China was the only country that did not report budget as the #1 obstacle, instead sighting resources and/or workload constraints (50%). Within Australia, the top constraints are: budget (56%), knowledge & skills (38%), planning and anticipation (30%), and resources and/or workload constraints (29%)
• Top security concerns identified across all respondents were third party application access (43%) and protection of intellectual property (42%), pointing to the need for more advanced technology and intelligence-driven models:
o There remains a heavy reliance on “prevention-oriented” security tools, with more than 80% of respondents using anti-virus and firewalls as the two most popular security solutions. o Just 18% have adopted Security Information and Event Management (SIEM) and even fewer, 11%, have adopted Governance Risk and Compliance (GRC) solutions, which provide the necessary monitoring and response capabilities needed to defend against more advanced threats.
• Highly-regulated industries throughout the world displayed proportionally higher maturity levels:
o In addition to the IT and Technology (#3) industries, the remaining Top 5 most mature industries globally are the highly-regulated Financial Services (#1), Life Sciences (#2), Healthcare (#4) and Public Sector (#5). Executive and Analyst Quotes Irina Simmons, Chief Risk Officer, EMC “Most IT practitioners do everything within their power and control to protect the enterprise. Where breakdowns can occur is in communicating up to business leaders, executives, Boards and audit committees. We hear it from Boards all the time. Practitioners need to be able to demonstrate to leadership that they have a governance process whereby they can adequately instil confidence that risks are being addressed in line with the organisation’s overall risk appetite and profile. Success against a particular threat is not just an accident or good luck, but the result of a solid process that continually monitors and addresses new risks and threats to the enterprise.” Dave Martin, Chief Security Officer, EMC “The time has come for the industry to double down. It’s impossible to deliver advanced security if we lack foundational maturity. Without a predictable environment, or understanding of where our assets are, or an ability to pick up on nuances and detect behavioural anomalies, we will be unable to defend the organisation. That baseline of foundational maturity is an absolute enabler of effective security and establishing overall trust.” Christian Christiansen, Program Vice President for IDC's Security Products and Services Group. “Among the many powerful insights that flow from this global study, the rampant lack of senior executive confidence stands out as both alarming and, unfortunately, a sign of the times. Nearly half of respondents say their senior management has zero confidence that their organisations are prepared with adequate availability, security, and backup and recovery. That one startling fact stands as a wakeup call for company boards to make the necessary investments to brace against both external and self-imposed disruptions and threats to their IT systems and data.” Additional Resources • View full survey results at the IT Trust Curve interactive microsite • Video: Irina Simmons, Chief Risk Officer, EMC • Video: Dave Martin, Chief Security Officer, EMC • Reflections Blog: Why 45% of Executives Lack Confidence in Their IT • Connect with EMC via Twitter, Facebook, YouTube, and LinkedIn Methodology
Survey data is the result of 3200 interviews of 1600 IT and 1600 business decision makers from the United States, the United Kingdom, Canada, Brazil, France, Germany, Italy, Spain, Russia, India, South Africa, Australia, Japan, China and the Nordic and Benelux regions. Respondents were employed at companies within ten industry sectors, with 50% working for organisations with 100-1000 employees and the other 50% at organisations with more than 1000 employees.
To create the maturity curve, IT decision-makers were asked specific questions relating to IT infrastructure in each of the three pillar sections, continuous availability, advanced security and integrated backup and recovery. Within each section, respondents scored points for the sophistication of their organisation’s existing technology, but not for anything in the planning stages. Each section was scored out of a total of a maximum of 18 points and combined to give a total overall maturity score out of 54. This score was then multiplied by a scaling factor to normalise the curve and give a total score out of 100 points. Once scored, these IT decision-makers were divided into four even segments from a low to high score; Laggards (scoring 1–25), Evaluators (scoring 26-50), Adopters (scoring 51-75) and Leaders (scoring 76-100). About EMC EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyse their most valuable asset — information — in a more agile, trusted and cost-efficient way. Additional information can be found at www.emc.com. About Vanson Bourne
Vanson Bourne is an independent specialist in market research for the technology sector. Our reputation for robust and credible research-based analysis, is founded upon rigorous research principles and our ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit www.vansonbourne.com. ###
EMC is a registered trademark of EMC Corporation. All other trademarks used are the property of their respective owners.
If your last access-control update was even a few years ago, you’re probably more exposed to fraud and exploitation than you’d like to be.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.