IT organizations are skittish about new projects, thanks to the ceaseless parade of high-profile data breaches that have afflicted major U.S. brands.
Some 63% of IT organizations have abandoned or delayed a new business initiative this year due to security breach concerns, according to a global security survey of 1,610 IT decision makers conducted for firewall vendor Fortinet by Lightspeed GMI.
"I know for a fact that an outside client of mine didn't go to a certain [cloud] application because of [security breach anxiety]," said Mike Vassallo, a senior network administrator at Dancker, Sellew & Douglas, a law firm based on Somerville, N.J. "They took a step back to see what kind of exposure it leaves them in."
For many network security engineers, the bad news just keeps coming. J.P. Morgan and Home Depot are just the latest big brands to leak the data of millions of customers. Vassallo, who does IT consulting in his spare time, has seen multiple instances of companies becoming more vigilant in the wake of catastrophic security breach news. No IT organization wants to see its company's name in newspaper headlines, he said.
The client that delayed its cloud application deployment might have looked at things differently a year ago, Vassallo said. "Had the most recent hacks not come to light, maybe it wouldn't have been as scrutinized. They were always security conscious, but not to the degree that they are now."
Many IT organizations delay new business initiatives simply to make sure that security is properly aligned with the project, said Tamir Hardof, vice president of product marketing at Fortinet. When they move into new territory where there are new and emerging threats, that process can take longer than anticipated.
"If you're a company in the retail space, and you see the headlines about the really big, high-profile breaches, that will give you pause," Hardof said. "You will look at it and say it's not likely [the breached company] was entirely asleep at the wheel. They were spending money on security. You're going to take some time to do some research and find out what happened there. Is it something that could happen to us? Is it something that we are prepared for?"
Fortinet's survey revealed that 90% of companies are changing their IT security strategy in response to security breach news, with 56% increasing their spending on security technology.
The survey also revealed that new technologies are causing headaches. Eighty-eight percent of IT organizations consider the Internet of Things (IoT) and biometric technologies as major security challenges today.
"IoT is a huge concern from a security perspective," said John Grady, program manager for security research at IDC. "From a consumer [perspective], you've seen the hacks or [proof of concept] hacks around everything from baby monitors to cars. Enterprises have to worry about industrial systems and medical devices. It's such a disparate ecosystem that, from a security solution perspective, it's been hard for vendors to create broad solutions."