Top UK companies are failing to develop written security policies
Almost half (47%) of the UK's top 350 companies do not have a fully documented information security policy, despite the proliferation of computer viruses and the impact a security breach could have on a company's share price, according to a survey.
The IT department is left to develop and enforce a security policy in 71% of FTSE 350 companies, according business executives questioned for the survey.
Simon Owen, partner in the technology assurance practice at professional services firm Deloitte, said, "The findings are as alarming as any written security policy. If you fail on security, how confident can management be that controls are strong throughout the organisation?
By Nick Huber at MicroScope.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.