INFORMATION SECURITY SURVEY 2018

In 2018 SearchInform held a number of seminars conducting Road Show in 4 regions worldwide. South Africa, the Middle East and North Africa, Latin America and CIS have taken part in the annual anonymous survey presenting the relevant level of data risk awareness and expertise from across 10 industries, including IT, power engineering, manufacturing and transport, finance and banking, retail, hospitality, healthcare, state defense, logistics and construction.

15 countries have shared their experience and methods introduced to protect the corporate network

map

WHICH SOLUTIONS ARE INSTALLED TO PROTECT
A CORPORATE NETWORK

Antivirus
  93%
Firewall/Proxy
  79%
Administration tools for Windows
  78%
DLP
  29%
IDS/IPS
  23%
SIEM
  12%
Spam filters
  11%
Data is not protected
  1%

WHICH CHANNELS ARE CONTROLLED

Email
73%
Email
External storage devices
48%
External storage devices
Telephony
35%
Telephony
Documents sent to print
29%
Documents sent to print
Messengers
26%
Messengers
Cloud storage
25%
Cloud storage
All
8%
All

WHICH INFORMATION WAS LEAKED IN 2017-2018

Trade secret
  35%
Trade secret
Technical information
  17%
Technical information
Personal data
  16%
Personal data

WHO APPEARS TO BE A VIOLATOR

Employees
  59%
Accountant/economist/financier
  21%
Managers
  19%
Assistant manager/secretary
  16%
IT specialists
  15%

WHICH SANCTIONS ARE IMPOSED

49%
49% Dismissal
34%
34% Fine/Cutting bonuses
32%
32% Reprimand
12%
12% Prosecution
8%
8% No sanctions

ARE THERE ANY CORPORATE
REGULATIONS INTRODUCED

77%
 
EMPLOYEE SIGN A NON-DISCLOSURE AGREEMENT
18%
 
THERE ARE NO REGULATIONS

DO CLIENTS OR MEDIA SOURCES GET INFORMED ABOUT A LEAK

No, a leak is not announced
49%
No, a leak is not announced
Yes, clients get informed
21%
Yes, clients get informed
Yes, a media announcement is made
3%
Yes, a media announcement is made
THE NUMBER
OF LEAKS INCREASED
IN 2018
Yes   15%
No   58%

62% and 68% of South African and MENA countries’ companies accordingly don’t have a specific department monitoring information usage and assign IT officers to manage data safety issues

62%
 
SOUTH AFRICAN
COMPANIES
68%
 
MENA COUNTRIES’
COMPANIES
40%
40%
of MENA companies disallow remote control software (TeamViewer)
38%
38%
of organisations in Lebanon, Iraque and Egypt have forbidden remote control software

SOUTH AFRICA IS THE ONLY COUNTRY SHOWING EQUAL DATA
LEAK SCORE DUE TO INTERNAL AND EXTERNAL VIOLATIONS

38%
38%
of companies indicated a hacker attack to be the reason
38%
38%
selected computer/hardware theft or loss among the answers
38%
38%
of organisations were affected by corporate fraud

Human factor is identified as the biggest threat according to the respondents representing each of the
regions which participated in the survey, and Latin America shows the highest percentage

74%
 
of organisations consider
negligence the most repeated peril
79%
 
of companies in Latin America
think of human factor as a major security breach provoker

Alexei Parfentiev, leading analyst at SearchInform

We observe the willing of managers to foreknow a problem, to understand the incentives, the reasons which make employees compromise corporate assets. And it is not just about monitoring loyalty issues – negative feedback and sabotage.

Employers seek to comprehend the problems of their staff members, to recognise situations which might undermine the wellbeing of the colleagues and interfere with business processes: drug or gambling addiction, extremism. Such an approach has a positive effect on a company’s internal workflow and increases the level of security in the regions.

SURVEY RESULTS IN PDF