Businesses have misplaced confidence in their information security measures, according to a government study. Last year around three-quarters of UK firms' IT defences were breached, even though most had rated security as a high priority.
The DTI's information security breaches survey 2004 found that, although three-quarters of respondents rated security highly, a significant proportion were wrong to be confident in their defences, when the reality was a skills shortage and a lack of investment in robust controls.
Andrew Beard of PwC, which led the consortium conducting the survey, said: "Our findings reveal a concern that businesses without the right monitoring and intrusion-prevention processes have a false level of comfort. Hacking activity may not be detected until it is too late to react."
Sarah Whipp at McAfee Security added: "The security challenge increases as networks become more porous, intruders get more sophisticated and the variety of threats companies face increases. Proactive prevention technologies to combat both internal and external attacks are a necessity."
Part of the problem lies in a skills gap. Only 12 per cent of the respondents were aware of the internationally recognised standard...