Regulatory compliance will be the top business issue affecting enterprise IT in the next 12 months, according to a new survey of more than 2,400 ISACA members from 126 countries. The survey found that the increase in regulations, data breaches and issues such as cloud computing and personal technology in the workplace are accelerating risk.
“IT cannot be managed in a vacuum. Increasing government regulations, consumer privacy concerns and hacktivist attacks are challenging enterprise IT assets in new ways,” said Tony Noble, CISA, a member of ISACA’s Guidance and Practices Committee and vice president of IT audit, Viacom. “The study also reveals that the business side of the organization believes IT is managed in a silo, which indicates an opportunity for better aligning business with IT to unlock greater value.”
Key business issues affecting IT are:
- Regulatory compliance
- Enterprise-based IT management and governance
- Information security management
- Disaster recovery/business continuity.
Enterprises need to manage growth in a challenging global economy while complying with more regulations and standards. Within this topic, the top-ranked technology concern (chosen by 53 percent of respondents) was segregation of duties and privileged access monitoring.
Managing IT project risk
The survey shows that there is a growing focus on enterprise-based IT management and the governance of enterprise IT (GEIT). Managing IT project risk tops the list of concerns within this area, rated as most important by 45 percent.
Increased security breaches
A top concern expressed by ISACA members was the lack of senior management involvement in setting direction for information security, which was ranked as important or very important by 80 percent of responses.
“WikiLeaks, the Zeus botnet and a rise in identity theft show that the variety and volume of threats is rising. Security is everyone’s business, not just IT’s. Organizations need top-down commitment,” noted Greg Grocholski, CISA, director, ISACA and corporate auditor, The Dow Chemical Co.
Lack of awareness
All business activity is at risk for disruption, yet continuity remains an elusive goal. According to the survey, the biggest problem (87 percent) is the lack of awareness among business managers that they are responsible for being able to maintain critical functions throughout a disaster.
The complete report is available here (registration required).







