LONDON, Nov. 8 /PRNewswire/ -- Over two-thirds of corporate executives view ensuring reliable network security as the single most critical factor in the successful implementation of a converged IP network according to a new survey from AT&T in co-operation with the Economist Intelligence Unit (EIU).
The EIU global survey of 236 senior executives, representing firms from 50 countries and more than 20 industries, addressed the electronic security implications of network convergence and reported that for the second year running, security remains at the top of the list as the most critical network attribute of network performance, ahead of cost, complexity and business disruption.
More than sixty percent of all executives surveyed say that processing customer data online exposes their firms to electronic security breaches, more than any other type of vulnerability. Yet three years from now, 62% of the respondents expect to have implemented IP through most or all of their organisations.
Respondents reveal a clear link between their firms' technology-related goals and their chief information vulnerabilities. Among some of the key benefits of convergence-the enabling of deeper electronic collaboration with customers as well as remote and mobile working-are also a prime area of network vulnerability.
The survey reveals that enterprise security strategies are evolving, with some organisations looking to complement the localised approach with a more flexible and centralised form of security that enables extensive electronic collaboration with customers and suppliers.
"The new capabilities of the ubiquitous network are great for commerce, but open a whole new dimension of risk," says AT&T vice president of managed security services, Stan Quintana. "A multi-layered approach to security is required," he asserts.
According to 89% of respondents, viruses and worms remain the top electronic security threat to companies, but fewer (83%) expect this will be the case in two years' time. Surveyed executives expect the threats from hackers as well as from competitor espionage to grow in the same time frame, with 57% putting it among the chief security threats, compared with less than half today. Competitor espionage is another area where they expect to see increases.
Meanwhile, hackers will increasingly be joined by, or employed by, professional criminals targeting corporations as subjects of financial crime, through such techniques as 'phishing', already common today.
As ever, the top area of network vulnerability remains people. Most executives believe the majority of attacks originate internally, as a result of internal sabotage or espionage by employees or of unintentional mistakes. In direct contradiction there is a growing trend towards mobile and other forms of remote working, as management seeks to boost employee productivity and job satisfaction. Companies, for example, are using wireless technologies to allow sales people, service technicians and other mobile staff access to network applications and mission-critical data. Yet the security features of enterprise wireless networks remain less robust than those inherent in the fixed network.
This contradicts the parallel trends within firms toward expanded employee mobility and remote working, on the one hand, and greater collaboration with customers, supplier and partners on the other. Each of these presents distinct challenges to the operation of corporate networks.
The survey suggests that business leaders are coming to grips with electronic security-better understanding the nature of threats, and setting organisational structures and spending patterns in place to ensure they are met in a robust way. Corporate spending on network security is levelling off at about 15% of IT budgets, suggesting a commitment on the part of the executive suite to maintain spend at a relatively high level to 'maintain the defences.'
The battle, however, is far from over: the source of security threats will continue to evolve, and their ingenuity will grow. At the same time, effective network security will come to be seen as more than just a means of protecting against risk.
Enabling a truly collaborative enterprise -- in which information is shared regularly with customers and other stakeholders, and in which mobile or remote employees are able to access this and other mission-critical company data -- requires secure IP networks. Inasmuch as expanding collaboration is seen by executives as a means to enhance competitive advantage, ensuring robust network security may be seen as critical to the achievement of a strategic business objective.
This is the second in a series of four thought-leadership papers written by AT&T in co-operation with the Economist Intelligence Unit on the theme of network convergence and business strategy. Future papers in the series will address the issues of customer service and applications integration in a converged network environment.
These and other findings are presented in a new report called Network Security: Safeguarding the collaborative enterprise, which is now available at: http://www.att.com/emea/insights/whitepaper/security_2005.html.
