Companies lack IT security funding
The Ernst & Young Global Information Security Survey has found that 90% of organisations define protecting their information resources as a major business objective, but that this area is not allocated the appropriate funding.
Of the 1 400 companies surveyed in 66 countries, 56% cited insufficient budget as the number one obstacle to effective information security. The survey says this is not surprising, in view of the tight economic picture that prevailed in most nations during the survey period.
“Most companies take on a one-dimensional, reactive and risk-adverse approach rather than a proactive holistic one,” says Grant Brewer, a partner in charge of information security at Ernst & Young.
“All too often, it requires a security breach, a competitor being attacked or a regulatory mandate for organisations to take action. Then, the core business objectives are ignored and a temporary ‘fix' is applied to the problem. Measured proactive spending is less costly in the long run than reactive spending, which is often overspending in response to an incident.”
[ Read more ]