Although a network security breach is rated the number one worry keeping IT managers awake at night, most admit that they have no way accurately to measure and report on the degree of risk posed by hackers.
According to a survey of 1,700 chief information officers, chief security officers and security directors published today, some 60 per cent are unable to determine whether their network security risk is decreasing or increasing over time.
In addition, almost 60 per cent admitted that they are unable to generate reports about applications or vulnerabilities on their network by region, business unit or business owner.
The Vulnerability and Risk Management Trend Survey, conducted by security firm nCircle, also revealed that over half of respondents have no way to verify and manage compliance with their own internal security policies.
Respondents also identified the management of regulatory compliance as a growing business concern. Fifty per cent of respondents stated that it takes their company more than a month to compile information for compliance reporting.
In terms of future investments in security technology, respondents indicated that they are planning to add identity, access and vulnerability management technology in the next year.
"We conducted this survey to better understand how businesses view and manage their network security risk," said Elizabeth Ireland, vice president of marketing at nCircle.
"The results highlight the need for a significant number of enterprises to implement solutions and processes to more effectively measure, manage and ultimately reduce their risk."
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software