Are information security surveys reliable?

Would you admit to lax security on your computer? And would you admit to being hacked or being hit by a virus? Many people would feel a little embarrassed to admit they have been caught out. This reluctance may be reflected in the answers given in IS security surveys.

Image Credit

According to research, more than three-quarters of people admit to lying on social media.

File integrity

In the age of persistent threats such as DDoS and other security risks, File Integrity Monitoring (FIM) is a way of detecting threats and acting quickly to minimise the damage.

The right file integrity monitoring software can solve all of these common issues and more. To find out about some of these software solutions, why not take a look at the website of a specialist such as https://www.promisec.com/file-integrity-monitoring-software/, today.

Cybersecurity reports that are based upon answers to surveys from respondents can often produce misleading statistics, thus leading to some industry confusion. This is because IT security team members and Chief Information Security Officers frequently lie when answering survey questions (although they don’t always mean to).

Image Credit

The pros and cons of surveys

Conducting in-depth research takes months or even years and can be very expensive, so it is not surprising that some security vendors decide to use surveys as an alternative. However, most senior IT staff simply won’t have enough time to truly absorb the survey questions and consider their answers carefully. This can mean that even those who do answer the surveys may pick the answers on instinct or even select the same answer to each question (e.g. if they are multiple choice they will select all Bs).

Why aren’t survey respondents totally truthful?

Recent research from TAB found that those who fill out surveys often lie in order to make themselves look in some way superior to their peers and, therefore, may underplay the seriousness of any issues they face. Others are unwilling to disclose information about anything that has happened that may make them seem at fault. Correspondents may also not be entirely truthful if they want to manipulate the outcome of the survey in some way (e.g. someone looking to increase their IT security budget may exaggerate how much they are being hacked).

Not all surveys are misleading but results should be taken with a pinch of salt.

Be the first to comment on "Are information security surveys reliable?"

Leave a comment

Your email address will not be published.


*