Regulatory compliance is a top concern in 2011
Posted on 20 April 2011.
Regulatory compliance will be the top business issue affecting enterprise IT in the next 12 months, according to a new survey of more than 2,400 ISACA members from 126 countries.

The survey found that the increase in regulations, data breaches and issues such as cloud computing and personal technology in the workplace are accelerating risk.

“IT cannot be managed in a vacuum. Increasing government regulations, consumer privacy concerns and hacktivist attacks are challenging enterprise IT assets in new ways,” said Tony Noble, CISA, a member of ISACA’s Guidance and Practices Committee and vice president of IT audit, Viacom. “The study also reveals that the business side of the organization believes IT is managed in a silo, which indicates an opportunity for better aligning business with IT to unlock greater value.”

Key business issues affecting IT are:
  • Regulatory compliance
  • Enterprise-based IT management and governance
  • Information security management
  • Disaster recovery/business continuity.
Regulatory compliance is No. 1 concern

Enterprises need to manage growth in a challenging global economy while complying with more regulations and standards. Within this topic, the top-ranked technology concern (chosen by 53 percent of respondents) was segregation of duties and privileged access monitoring.

Managing IT project risk

The survey shows that there is a growing focus on enterprise-based IT management and the governance of enterprise IT (GEIT). Managing IT project risk tops the list of concerns within this area, rated as most important by 45 percent.

Increased security breaches

A top concern expressed by ISACA members was the lack of senior management involvement in setting direction for information security, which was ranked as important or very important by 80 percent of responses.

“WikiLeaks, the Zeus botnet and a rise in identity theft show that the variety and volume of threats is rising. Security is everyone’s business, not just IT’s. Organizations need top-down commitment,” noted Greg Grocholski, CISA, director, ISACA and corporate auditor, The Dow Chemical Co.

Lack of awareness

All business activity is at risk for disruption, yet continuity remains an elusive goal. According to the survey, the biggest problem (87 percent) is the lack of awareness among business managers that they are responsible for being able to maintain critical functions throughout a disaster.

The complete report is available here (registration required).





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //