Cisco Study Reveals 3 of Every 5 IT Pros to Increase Security Spending in 2008
Global research explores implications of unchecked remote workers’ security perceptions and behavior on cost containment efforts, creating opportunity for better education, smarter spending
India, Mumbai - March 27, 2008 - Cisco today announced a second and final set of findings from annual research on remote workers’ impact on corporate security, revealing that three of every five IT decision makers plan to increase security spending within the next year.
Commissioned by Cisco and conducted by InsightExpress, a third-party market research firm, the study features surveys of more than 2,000 remote workers and IT professionals from various industries in 10 countries: the United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil. While the first set of results released last month center on remote workers’ security perceptions, online behavior, and their rationale for risky actions, today’s announcement focuses on the implications that employees have on IT, and particularly the resulting financial burden. Sixty-two percent of IT respondents reported that they will increase security-related spending in 2008, and of those, more than half (37 percent) said their increased security investments will rise by more than 10 percent as compared to their previous years’ budgets.
Global Demographics’ Influence on the Behavior-Spending Connection
According to John N. Stewart, Cisco’s chief security officer, large populations of network-dependent employees in China, India, and Brazil were not overwhelmed by Code Red, NIMDA, and the other notorious malware attacks as pervasively as in Internet-dependent, consumer-based economies like the United States, United Kingdom, France, Germany, and Japan. However, today they represent three of the world’s fastest growing economies, and their dependence on the Internet and corporate networks is rising rapidly. The study indicates that risky behavior from remote workers in these three countries, such as opening suspicious emails, hijacking wireless networks from neighbors, or sharing corporate devices with non-employees, is much more extensive than in nations that feature a longer history of corporate Internet use. As a result, this behavioral trend could contribute to the jump in IT security spending.
"During the past few years, virus attacks caused the most damage in countries where Internet adoption was greatest," Stewart said. "As new countries increase adoption, those that drive the new Internet growth can learn from others to understand the inherent security challenges - especially those who use the Internet to shop or work remotely. Remote workers often represent the intersection of ‘employee’ and ‘consumer,’ a connection point where attacks target and exploit the networks and corporate devices that remote workers use away from their offices. For multinational corporations and the IT departments that support them, understanding their employee’s level of security awareness and experience is key in fostering tighter relationships, building trust, and administering effective education programs that will ultimately help to protect the enterprise."
Although China, India, and Brazil feature the highest projected rates of spending, the trend is not relegated to emerging economies. More than half of the IT respondents in eight of the 10 countries are planning to increase security spending this year.
Putting It in Perspective: The Difference Between "Good" And "Bad" Spending
"Businesses need firewalls, virtual private networks, and data protection technologies," Stewart adds. "The challenge is how to minimize other costs that could have been prevented through sustained education of employees, such as managing malware outbreaks and data theft. Awareness, as the most effective tool, is not new thinking; the new thinking is how IT is leading the combined people, process, and technology to protect the enterprise most effectively. Increasing employee awareness through sustained education reduces threats, attacks, and the painful pricetags they typically carry."
The study’s key findings will be spotlighted by Stewart and other security experts as part of a live Internet TV broadcast today from 8 a.m. to 9 a.m. PDT on ways for businesses to protect their employees, assets, and bottom lines (to attend: http://tools.cisco.com/cmn/jsp/index.jsp?id=70349).
About Cisco Systems:
Cisco, the Cisco logo and Cisco Systems are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.