Connect with us

Hi, what are you looking for?


Management & Strategy

Security Not Keeping Pace With Consumerization of IT, Forrester Research Finds

Consumerization may be one of the factors influencing enterprise IT, but for many organizations, security may not be keeping pace, according to a new paper by Forrester Research.

Consumerization may be one of the factors influencing enterprise IT, but for many organizations, security may not be keeping pace, according to a new paper by Forrester Research.

In a paper entitled, ‘Understand The State Of Data Security And Privacy: 2012 To 2013‘, data loss and protection are listed as top concerns when it comes to mobile security. Based on a survey of 2,383 IT executives from five countries, Forrester reported that most organizations have security policies in place for smartphone, tablet and consumer-oriented tool use, but more than half admitted that either they don’t have the tools to enforce the policy or the tools they do have are insufficient for the task.

BYOD Security RisksThis poses a serious problem if a study released in May is accurate. The study, commissioned by Check Point Software Technologies, fielded answers from more than 2,600 participants from the U.S., U.K., Hong Kong, Brazil and Germany. According to the study, 11 percent of the machines and mobile devices connecting to the networks of U.S. participants are infected with malware.

But the lack of tools isn’t the only issue. Just 56 percent of the respondents to the Forrester study said they were aware of their organization’s current security policies.

“Consider employee awareness to be another layer of security, and realize that educating employees is also internal PR outreach for the security group,” Forrester analyst Heidi Shey wrote in the report. “S&R pros can show that, yes, they understand how employees work, what tools they use, and have taken measures to enable employees to get work done — and do it in a secure manner.”

Most of the breaches that occur are the work of insiders as opposed to external attacks, according to the survey. In fact, only 25 percent of data breaches experienced by the respondents in the last 12 months were caused by outsiders. The largest percentage was due to the loss or theft of a corporate asset (31 percent).  Twenty-seven percent were due to unintentional misuse of data by employees, while 12 percent were related to acts by malicious insiders.

“Given all the media attention on data and privacy breaches, hacking, and advanced persistent threats today, it’s easy to assume that all the major threats to your organization come from external actors,” Shey wrote. “Not completely true. Insiders and business partners also have access to data and information that they compromise. Whether their actions are intentional or unintentional, insiders cause their fair share of breaches. Other common sources of breach include loss or theft of corporate assets, such as laptops or USB drives, and external attacks that target corporate servers or users.”

The full paper from Forrester Research is available here.

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights