Of those responding to the survey, 70 per cent said that they have dedicated resources to General Data Protection Regulation (GDPR), while only 24 per cent think that GDPR will have a substantial positive effect on the protection of individuals’ privacy.
Turning to the misuse of personal information, 58 per cent of respondents cited collection and/or sale of personal information by enterprises and social media organisations that don’t properly protect privacy as the biggest danger. These concerns have driven more than 40 per cent of information security professionals to plan to minimise their own social media usage, and many are advising their users and business units to do the same.
42 per cent of respondents stated that the weakest link in their defences are end users who violate security policy (up from last year’s 30 per cent) and are too easily fooled by social engineering attacks, while 20 per cent blame a skills shortage for failed IT security strategies, and less than half think they have enough budget to defend against today’s threats.
The professional surveyed said that the most effective security tools are: multi-factor authentication (88 per cent), encryption (87 per cent), and firewalls (75 per cent).