The majority of companies in Slovakia use standard IT security systems to protect themselves from threats, such as anti-virus programmes and firewalls. On the other hand, only a few firms use more sophisticated security tools against modern threats like ransomware or other attacks resulting in the failure of websites and services.
This information stems from the recent survey carried out by the GfK agency in May among more than 100 IT managers and company owners. It suggests that while 93 percent of companies use the former group of security tools, the latter is used by only 38 percent of firms, the SITA newswire reported.
The companies often think that the standard systems are enough to protect them from threats and to meet the legal requirements, explains Roman Čupka, regional country manager of Flowmon Networks.
“On the other hand, these tools fail to quickly and effectively respond to sophisticated threats, like the Wanna Cry attack or the so-called DDoS attacks that have recently put the websites of Fun Radio, Sme and RTVS out of operation,” Čupka said, as quoted by SITA.
Companies have good experiences with both kinds of protection, the GfK survey showed. While 83 percent of respondents said they consider the ordinary systems beneficial, 80 percent said the same about the above-standard systems.
The survey also suggests that the importance of sophisticated security solutions is underestimated not only by their limited use, but also by weak investment plans that companies have been following for years. About 20 percent of companies plan to invest in above-standard IT systems in the following three-five years. The percentage of companies planning to invest in standard IT systems is slightly lower: only 16 percent.
“In terms of the massive widening of the new types of threats that can avoid the ordinary preventive protection of the computer networks, this number is quite low,” Čupka said, as quoted by SITA.
Yet, new legislation, such as the draft law on cyber security and the new regulations concerning the protection of personal data, will force many organisations to deal with preventive security measures and also utilise above-standard solutions to identify and respond to these threats as soon as possible, he added.
As many as 37 percent of organisations plan to use the new tools to protect themselves from harmful code in the following three-five years. They then want to implement new technologies for application security, for recording the activities of infrastructure and IT systems, their users and administrators, as well as tools for detection, collection and assessment of cyber events and to verify the identity of users planning to enter the information systems, SITA reported.