Transparency, security assurance affect purchase decisions: Intel study

Organizations are more likely to purchase technologies and services from companies that are more transparent about ongoing security assurance, says a new Intel study that examines how transparency, security innovation and ongoing security assurance impact purchase decisions.

Conducted by Ponemon Institute and sponsored by Intel, the study surveyed 1,875 individuals - involved in overseeing the security of their organizations' IT infrastructure - in the United States, the UK, Europe, the Middle East and Africa and Latin America.

According to the study, specific vendor characteristics such as transparency about security updates and available mitigations, ongoing security assurance and evidence that the components are operating in a known and trusted state and hardware-assisted capabilities to help protect distributed workloads and data in use, and to defend against software exploits affect purchase decisions.

While 73% of the study respondents stated that they are more likely to purchase technologies and services from companies that proactively find, mitigate and communicate security vulnerabilities, 48% said that their technology providers don't offer this capability. Other key findings of the study include:

• 76% of respondents said it is highly important that their technology provider offer hardware-assisted capabilities to mitigate software exploits.
• While 64% of respondents said it is highly important for their technology provider to be transparent about available security updates and mitigations, 47% stated that their technology provider doesn't provide this transparency.
• 74% said it is highly important for their technology provider to apply ethical hacking practices to proactively identify and address vulnerabilities in its own products.
• 71% of respondents said it is highly important for technology providers to offer ongoing security assurance and evidence that the components are operating in a known and trusted state.

"Security doesn't just happen. If you are not finding vulnerabilities, then you are not looking hard enough. Intel takes a transparent approach to security assurance to empower customers and deliver product innovations that build defences at the foundation, protect workloads and improve software resilience," said Suzy Greenberg, vice president, Intel Product Assurance and Security.