Spiceworks Research Finds Businesses Face Security Vulnerabilities Due to Legacy Operating Systems and a Gap in Cybersecurity Expertise

AUSTIN, Texas, July 30, 2019 /PRNewswire/ -- Spiceworks, the marketplace that connects the IT industry, today announced a new study, The Future of Network and Endpoint Security, that examines current business vulnerabilities and emerging security trends in organizations across North America and Europe. The findings indicate many businesses are turning to next-gen security solutions like AI-powered threat intelligence and security as a service to face evolving security threats and existing vulnerabilities, including outdated operating systems, limited use of encryption, and a lack of in-house security expertise.

(PRNewsfoto/Spiceworks)

"There are massive opportunities for security vendors to help organizations better protect their devices, data, and networks as they turn to intelligent security technologies and security as a service solutions to guard against new threats and compensate for a cybersecurity skills gap," said Peter Tsai, senior technology analyst at Spiceworks. "Looking forward, security vendors that can offer solutions and services with the right mix of value for money, protection against emerging threats, and innovative capabilities will be well positioned to capitalize on this trend."

Outdated operating systems and cybersecurity skills gap leaves many businesses at risk

According to Spiceworks technology deployment data, 32 percent of businesses have Windows XP installed on at least one device on their network, despite the operating system reaching end of service in 2014. Spiceworks deployment data also shows 79 percent of businesses are running Windows 7, which will reach its end of service in January 2020. When asked about their operating system migration plans, 25 percent of businesses surveyed said they don't plan to migrate from Windows 7 until after the end of service date, posing additional vulnerabilities for organizations.

Other current business vulnerabilities discovered in the research include:

  • Limited access to cybersecurity experts: 53 percent of businesses do not have a cybersecurity expert on staff, and 17 percent have no access to cybersecurity expertise, either internally or externally through third-party security consultants.
  • Limited use of data encryption: 17 percent of businesses reported they do not employ any type of encryption.
  • Lack of preparedness for common cybersecurity threats: 27 percent of business believe they're unprepared to respond to internal data leaks.

Businesses turn to next-gen security solutions to face ever-evolving security threats

As security threats become more advanced and business vulnerabilities become more difficult to manage, the research indicates adoption of AI-powered security solutions have the potential to triple by 2021. For example, 18 percent of businesses have adopted AI-powered threat intelligence platforms, and an additional 30 percent are considering adopting them in the next two years. Additionally, 12 percent of businesses now use AI-powered network security appliances and an additional 32 percent are considering adopting them in the next two years.

Many businesses are also turning to security as a service solutions to outsource some security responsibilities to a trusted service provider. The most common as a service security solutions include endpoint security and threat protection with business adoption at 28 percent and 19 percent, respectively. Within the next two years, adoption of intrusion detection and prevention as a service is expected to see the most growth: 12 percent of businesses use it today and an additional 23 percent are considering using it by 2021.

When it comes to what IT decision makers look for in security solutions, the data reveals great value for money, minimal performance impact, and zero-day threat protection are the top three most critical consideration factors.

Businesses rely on a mix of endpoint and network security providers to meet their needs

The study also examined business adoption and IT buyer satisfaction of the top endpoint and network security providers. Among endpoint security solution providers, the research shows Malwarebytes (35 percent) and Sophos (24 percent) have the highest adoption rates across all company sizes. Symantec, Webroot, Trend Micro, Bitdefender, and ESET are also among the top endpoint security providers. When IT buyer satisfaction was evaluated, the results show Sophos earned high marks for zero-day threat protection, while Webroot takes the top spot for great value for money and minimal performance impact along with ESET. 

Among providers of network security appliances, the results show Cisco (35 percent), SonicWall (23 percent), and Meraki by Cisco (19 percent) have the highest business adoption rates today. Sophos, Fortinet, and Barracuda are also among the top providers according to IT buyers. When asked about IT buyer satisfaction, Sophos earned the top spot for great value for money, and zero-day threat protection, while Fortinet earned the top spot for minimal performance impact.

Despite using a mix of different endpoint and network security providers today, 51 percent of businesses would consider using a single security vendor if they offered a comprehensive, multi-layered product portfolio.

Methodology
The Spiceworks survey was conducted in June 2019 and included 489 IT decision makers in Spiceworks. Respondents represent organizations in North America (77 percent) and Europe (23 percent) across a variety of company sizes, including 37 percent from small businesses (1 to 99 employees), 53 percent from mid-size businesses (100 to 999 employees), and 10 percent from enterprises (1,000+ employees). Respondents represent a variety of industries, including education, healthcare, nonprofits, government, finance, retail, construction, manufacturing, and IT services. The survey data was supplemented by operating system data that was collected in April 2019, based on anonymized, aggregated technology deployment data from Spiceworks products.

About Spiceworks  
Spiceworks is the marketplace that connects the IT industry to help technology buyers and sellers get their jobs done, every day. The company helps people in the world's businesses find, adopt, and manage the latest technologies while also helping IT brands build, market, and support better products and services. Founded in 2006 and headquartered in Austin, Texas, Spiceworks empowers people to use technology to make their organizations, their communities, and the world better. For more information, visit http://www.spiceworks.com.  

Connect with Spiceworks on Facebook: http://www.facebook.com/Spiceworks and follow us on Twitter: http://twitter.com/spiceworks.   

Spiceworks is a registered trademark of Spiceworks, Inc. All other names may be trademarks or registered trademarks of their respective owners.  

Media Contact:  
Risa Kleen  
PR Manager
press@spiceworks.com 

 

Cision View original content to download multimedia:http://www.prnewswire.com/news-releases/spiceworks-research-finds-businesses-face-security-vulnerabilities-due-to-legacy-operating-systems-and-a-gap-in-cybersecurity-expertise-300892609.html

SOURCE Spiceworks

News, commentary and research reports are from third-party sources unaffiliated with Fidelity. Fidelity does not endorse or adopt their content. Fidelity makes no guarantees that information supplied is accurate, complete, or timely, and does not provide any warranties regarding results obtained from their use.