icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

3rd Annual IT Security and Operations Survey
Separating the Truths from the Myths in Cybersecurity

From BMC and Ponemon Institute

As organizations attempt to move to multi-cloud environments and improve business agility, cybersecurity challenges can slow down growth. It’s important to understand what helps drive a good security posture, how to prevent or remediate risks, and how to overcome misconceptions about cybersecurity.

Ponemon Institute, with sponsorship from BMC, conducted a study on Separating the Truths from the Myths in Cybersecurity to better understand the security myths that can be barriers to a more effective IT security function and to determine the truths that should be considered important for the overall security posture. In the context of this survey, cybersecurity truths are believed to be true, based on the actual experience of participants in this research. In contrast, cybersecurity myths are believed to be false or misstatements.

Speak with a BMC SecOps expert today

Key Survey Results

65% say inadequate in-house expertise is the top reason they are likely to have a data breach
56% believe there is tension between Security and IT Operations because of lack of alignment or differing priorities
68% of respondents believe that data breaches occur because of poor patch management
65% believe compliance is important to having a strong security posture
Defending against sophisticated cybercriminals can be a daunting task. As you evolve your cybersecurity strategy it’s good to know where you stand relative to your peers. Download the survey to test your assumptions and gain practical insights to help improve your security posture.

Excerpts from the report

"Only 42 percent of respondents rate their organizations’ ability to minimize or mitigate IT security risk as high...Their organizations’ approach to dealing with threats is reactive, focusing on the immediate threat or “hack du jour.”

"Despite the risk, many companies are not investing in technologies that increase visibility into applications, data and devices…However, respondents believe it is a fact that greater visibility into all applications, data and devices and how they are connected lowers an organization’s security risk."

BMC SecOps Solutions