The security of corporate data and networks is a top priority for companies of all sizes, but the security practices of SMB (<1,000 employees) and enterprise (1,000+ employees) organizations are distinct and, in some areas, divergent. That, according to the 2017 IDG Enterprise Security Priorities survey of security and IT decision-makers.
Enterprise organizations are far more likely to have retained a chief security officer (CSO), along with having a dedicated security group. They are also more likely to have deployed security technologies like two-factor authentication or data loss prevention tools than SMB organizations, which struggle to fend off threats from outside including malware and denial of service attacks.
These are among the conclusions of the latest IDG Enterprise Security Priorities Survey, which sampled the opinions of 694 security and information technology decision-makers to better understand their thoughts and priorities for 2017. The survey sampled the opinions of security and IT professionals and executives from across industries to assess their concerns and priorities for the coming year. Respondents ran the gamut, from CSOs (16% of respondents) down to rank and file IT workers (5%). The majority (70%) of those we surveyed were manager level employees working in security, information technology, or networking.
Recent studies have suggested that security is a top priority and often the top priority for information technology groups. But our survey found that security-driven hiring and organizational structures are more common among larger organizations than smaller ones. In fact, enterprises are almost three times as likely as SMBs (66% vs. 24%) to have a CSO/CISO position. Overall, fewer than half (47%) of survey respondents reported having a dedicated CSO or Chief Information Security officer (CISO) at their firm.
To continue reading, click the link below to download the 2017 IDG Enterprise Security Priorities Study.