Complexity and growing threats hampering effective strategy, warns IDC...European businesses are still failing to effectively implement security measures across their organisation and are adopting a "lacklustre approach" to the integrity of the data and systems, according to analysts IDC.
The main reason for this appears to the be the continued growth of exactly what falls beneath the security umbrella, with recent issues such as compliance adding to an already vast patchwork of issues.
Against such strong criticism it is perhaps unsurprising the analyst house predicts things will get better – largely because they have to.
Thomas Raschke, program manager of IDC's European security products and strategies research, said in the report that European businesses are starting to realise "a holistic approach to security is not just nice to have, but paramount for survival and an integral part of any successful business strategy".
He said this realisation as well as the increasing complexity of the security equation will continue driving the revenues of the already buoyant security industry ever upwards.
"Corporate concerns with endpoint security, regulatory compliance, spyware, spam, worms, viruses, digital identities, mobility and complexity will help to drive the security software market to achieve almost $6bn in revenue in 2009," said Raschke.
One area of increasing concern relates to the mobility of data – mobile work forces and an increasing movement of data within the organisation and in the outside world. Also identity and access management are appearing on more companies' radar screens.
Similarly the spectre of compliance now hangs heavily over many IT departments, with data retention and protection heavily loaded with security implications.
And then there are the traditional threats most commonly seen arriving via email.
Figures out today form SurfControl have revealed phishing scams in particular are still increasing rapidly, putting pressure on IT departments and HR departments to do what they can to protect staff.
With staff increasingly being required to use email as part of their working lives it is imperative companies exercise an appropriate level of care to protect staff and protect themselves from potential litigation.
SurfControl claims phishing scams have increased from one per cent to 8.3 per cent of all spam email since the beginning of the year.
The levels of scam emails hitting users inboxes is now the same as the amount of potentially offensive adult spam, exposure to which could also result in claims of a failure in the duty of care.
Steve Purdham, chief technology officer at SurfControl, said even companies who are protecting staff today cannot afford to rest on their laurels.
"As spam filtering technology becomes more comprehensive, fraudsters are becoming more devious in their techniques," he said.
Purdham said the rapid growth of spyware is another threat companies must wake up to, especially as it threatens to betray sensitive corporate data – as seen with the attempted robbery of the Sumitomo bank earlier this year.