/dqweek/media/agency_attachments/JNb31gQnqJvAm0jqPxaV.png)
Follow UsA Cisco survey shows that of the 10 countries in the study, China, India,
and Brazil feature the highest number of IT decision makers who are not only
planning to increase spending in general, but also the largest percentage who
will increase security investments by more than 10 percent YoY
As per Cisco's final set of findings from the 'Annual Research on Remote
Workers' Impact on Corporate Security', three of every five IT decision makers
plan to increase security spending within the next year. CommisÂsioned by Cisco
and conducted by InsightÂExpress, the study features surveys of more than 2,000
remote workers and IT profesÂsionals from various industries in 10 countries:
US, UK, France, Germany, Italy, Japan, China, India, Australia, and Brazil.
While the first set of results released earlier centered on remote workers'
security percepÂtions, online behavior, and their rationale for risky actions,
the current report focus on the implications that employees have on IT, and
particularly the resulting financial burden. 62 percent of IT responÂdents
reported that they will increase security-related spending in 2008, and of
those, more than half (37 percent) said their increased security investments
will rise by more than 10 percent as compared to their previous years' budgets.
Key findings
The findings spotlight the fact that security spending can increase, based
on financial losses that businesses suffer from attacks on corporate networks
and employees- including employees who work outside of the office. One of the
most intriguing findings involves global demographics, which play a significant
role in worldÂwide security spending trends.
The highest percentages of IT decision makers who plan to boost spending are
from nations that are relative newcomers to widespread Internet and IP-based
corporate networÂking. Of the 10 countries in the study, China, India, and
Brazil feature the highest number of IT decision makers who are not only
planning to increase spending in general, but also the largest percentage who
will increase security investments by more than 10 percent YoY.
According to John Stewart, Chief Security Officer, Cisco, large populations
of network-dependent employees in China, India, and Brazil were not overwhelmed
by Code Red, NIMDA, and the other notorious malware attacks as pervasively as in
Internet-dependent, consumer-based econoÂmies like the US, UK, France, Germany,
and Japan. However, today they represent three of the world's fastest growing
economies, and their dependence on the Internet and corporate networks is rising
rapidly.
The study indicates that risky behavior from remote workers in these three
countries, such as opening suspicious e-mails, hijacking wireless networks from
devices with non-employees, is much more extensive than in nations that feature
a longer history of corporate Internet use. As a result, this behavioral trend
could contribute to the jump in the IT security spending.
“During the past few years, virus attacks caused the most damage in countries
where InteÂrnet adoption was greatest,” Stewart said. As new countries increase
adopÂtion, those that drive the new Internet growth can learn from others to
understand the inherent security challenÂges-especially those who use the
Internet to shop or work remotely.
Putting it in perspective
Security is a real-life business requirement, and Stewart affirms that the
research provides global intelligence for IT organizations to take a practical
approach to protecting their companies and employees, especially as they become
more distriÂbuted. Just as IT budgets are a necessity, so too is security
spending. What's important, he said, is to underÂstand the delineation between
what's considered 'acceptable' and 'unacceptable' spending. The goal is to
prevent spending on reactive security 'firefighting'.
“Businesses need firewalls, virtual private networks, and data protecÂtion
technologies,” Stewart added. “The challenge is how to minimize other costs that
could have been prevented through sustained education of employees, such as
managing malware outÂbreaks and data theft. Awareness, as the most effective
tool, is not new thinking; the new thinking is how IT is leading the combined
people, process, and technology to protect the enterprise most effectively.
Increasing employee awareness through sustained educaÂtion reduces threats,
attacks, and the painful price tags they typically carry.”