Global Security Study: Helpdesk Calls On The Rise, 2007 Spending To Increase
Mobile Workers’ Risky Behavior, Attitude Toward IT Prompt Two of Every Three IT Pros To Plan Greater Security Investments Next Year
New Delhi, November 14, 2006 - Cisco® today released a final set of results from a global survey of information technology (IT) decision makers, revealing a sobering admission among many of them that security-related helpdesk calls are rising and that, to protect increasingly mobile workers, a majority will increase security spending next year – and two of every five will boost spending by more than 10 percent in 2007.
The findings come from an in-depth series of international studies involving remote workers. Conducted this summer by an independent third-party market research firm, the research provides responses from more than 1,000 remote workers and 1,000 IT decision makers in 10 countries: the United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia and Brazil. The latest findings highlight the gravity of research issued in October, which reveals contradictions between remote workers’ security awareness and actual behavior as well as disconcerting perceptions of IT’s role in controlling use of work-issued laptops, personal digital assistants (PDAs), and smartphones.
Overall, 38 percent of the IT decision makers reported increases in security-related helpdesk calls. These calls involve users and their work devices falling prey to virus attacks, phishing scams, identity theft, hacking and other malicious activity. In India, more than half (55 percent) of the IT respondents reported a rise in security-related calls, and a majority of the issues involved viruses (70 percent), spam-enabled phishing attacks (61 percent) and spyware (55 percent). In all, blended spam and phishing encounters represented the most commonly reported issue – more than half (52 percent) of all IT respondents said the rise in helpdesk calls was related to this combined threat.
As a result, two of every three (67 percent) IT respondents said they expect their security-related IT investments to increase next year. And two of every five (41 percent) expect spending to jump by more than 10 percent. IT professionals in China, India, and Brazil – three relative newcomers to the Internet yet three of the world’s fastest-growing networked economies – led the pack. Following are the percentages of IT respondents who plan to increase their security-related investments next year:
- 1. China: 90%; 52% by more than 10%
- 2. India: 82%; 66% by more than 10%
- 3. Brazil: 81%; 65% by more than 10%
- 4. United States: 66%; 44% by more than 10%
- 5. Italy: 66%; 34% by more than 10%
- 6. Germany: 63%; 27% by more than 10%
- 7. United Kingdom: 61%; 33% by more than 10%
- 8. Australia: 55%; 36% by more than 10%
- 9. Japan: 54%; 24% by more than 10%
- 10. France: 51%; 29% by more than 10%
- Global Total: 67%; 41% by more than 10%
“The correlation between these results and the research released last month (Actions Speak Louder Than Words: Despite Claiming Security Awareness, Many Remote Workers Engage in Risky Online Behavior; Global Study Reveals Disconcerting Perceptions of IT’s Role in Corporate Security) is hardly a coincidence,” said Jeff Platon, Cisco’s vice president of security solutions marketing.
The previous research revealed that two-thirds (67 percent) of remote workers around the world said they were cognizant of security concerns when working remotely. However, many of those same remote workers used work computers to hijack the wireless networks of neighbors, open e-mails from unknown sources, download business files to personal computers, and share work devices with non-employees. In addition, a majority of remote workers felt their managers had more authority to control the usage of corporate devices than the IT staff, and some said it was no one’s business at all.
“These findings are a call-to-arms for IT and security teams,” Platon said. “The research clearly shows that user awareness does not always result in safe behavior, and because many users dismiss IT’s authority, they lack the inclination to engage their IT team freely and adopt best practices. It’s not surprising that IT is in a reactive mode fielding more helpdesk calls and spending more on security. Understanding the reasons for these trends heightens the urgency for IT to adopt a more progressive, cost-conscious approach to protecting corporate data and employees.”
According to John N. Stewart, Cisco's chief security officer, such an approach requires a unified commitment from an organization’s leadership to push for a “security-savvy culture.” Stewart recommends education programs tailored to various users and business cultures, appointing security champions across the company and at all levels of its hierarchy, and delivering highly visible recognition and awards. “A few war stories about what has happened within the organization are good ways to emphasize the importance of security,” he said.
“Technology is an important element in security, but it's not the end-all,” Stewart added. “Security is first and foremost a human exercise. There's an interpersonal aspect that involves communication and an unwavering commitment to education, training and acknowledgment. Combine strong IT-user relationships with technology solutions, and IT's image naturally transforms into a strategic, consultative presence that drives the formation of a security-conscious corporate culture. When this happens, CIOs and CSOs collectively maximize the return on their security solutions and still prevent risks from undermining productivity. Simply put, they can help the business.”
For more information on the research, global results and specific findings for all 10 countries, a white paper has been posted at:
About Cisco Systems:
Cisco, (NASDAQ: CSCO), is the worldwide leader in networking that transforms how people connect, communicate and collaborate. Information about Cisco can be found at www.cisco.com. For ongoing news, please go to newsroom.cisco.com.India news and information are available
# # #
Cisco, Cisco Systems, and the Cisco Systems logo are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.