Technology News

latest updates from easySERVICE™

Oracle says companies are spending their IT budget in wrong places

Planet earth with sunrise in space

Most IT resources security today are plugged into protecting networking equipment from hackers and breaches. Not a bad idea, surely? But most enterprises are now recognizing that the goods hackers want the most are in databases and storage servers.

According to Oracle, which reported its latest research in IT security spending on Monday, the majority of enterprises are allocating their IT security resources on networking equipment rather than the server banks that store vast amounts of corporate and user data.

In the survey with 110 companies from industries including Financial Services, Government, High Tech, more than two thirds of IT security resources remain allocated to protecting the network layer, while less than one third of the staff and budget resources were allocated to protecting core infrastructure such as databases and applications.

Today’s findings underscore the relevance of Oracle’s “security inside-out” approach which means focusing attention on the organizations most strategic assets which include databases, applications and users.

Specific Research Findings are:

  • Nearly 66 percent of respondents said they apply a security inside out strategy, where as 35 percent base their strategy on end point protection.
  • Even with this fundamental belief in strategy, spending does not truly align as more than 67 percent of IT security resources — including budget and staff time — remain allocated to protecting the network layer and less than 23 percent of resources were allocated to protecting core systems like servers, applications and databases.
  • 44 percent believed that databases were safe because they were installed deep inside the perimeter.
  • 90 percent report the same or higher, level of spend compared to 12 months prior. The survey shows that 59 percent of participants plan to increase security spending in the next year.
  • In 35 percent of organizations, security spend was influenced by sensational informational sources rather than real organizational risks.
  • 40 percent of respondents believed that implementing fragmented point solutions created gaps in their security and 42 percent believe that they have more difficulty preventing new attacks than in the past.

“IT Security has to focus attention on the most strategic assets. Organizations can’t continue to spend on the wrong risks and secure themselves out of business. When attackers do break through the perimeter, they can take advantage of weak security controls against the core systems by exploiting privileged user access, vulnerable applications, and accounts with excessive access,” said Mary Ann Davidson, Chief Security Officer at Oracle. “Organizations have to get the fundamentals right — which are database security, application security and identity management.”

Share your thoughts in the comments below and don’t forget to like this post.

Source: Associated Press

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: