Does business understand IT security?
Posted on 28 March 2014.
The role of IT security is still not well-understood by business, according to a new survey by Turnkey Consulting.

The survey asked IT professionals about their organization’s position with regard to investment in IT and systems security and responses revealed that:
  • 17.5% believe it is perceived as an unnecessary expense only undertaken to keep auditors happy, up from 12.2% in 2012.
  • 37.5% say it is seen essential business practice that can deliver ROI, but this was down from 43.9% in 2012.
This is despite over two thirds (71.8%) of respondents saying that the IT security risks their organizations face from external sources has increased. In addition:
  • 38.2% of respondents had experienced a fraud incident in 2013, up from 31.3% in 2012.
  • In the past year, 30% had experienced a data loss that affected business operations, up from 17.1% in 2012.
Research also indicated that there is on ongoing reluctance to regard IT security as a business issue:
  • 57.5% of respondents believed their organization saw it as everyone’s responsibility, down from 64.6% in 2012.
  • 40% of respondents reported that their organization regarded IT and systems security as the sole responsibility of IT, up from 28% in 2012.
However, 55% of respondents said they used some automated controls, designed to prevent or detect exceptions in a business process, and planned to increase the number. This figure was up from 50% in 2012.

“It is concerning to see that IT security is still not perceived as an integral part of the business,” says Richard Hunt, managing director of Turnkey Consulting. “Corporate SAP systems are accessed from an increasing number of touchpoints, both inside and outside the organization as employees adopt mobile working, and enterprises look to enhance third party relationships with suppliers and customers. This streamlines business processes, but it increases the risk to the enterprise. To tackle this, an end-to-end approach to security is required to fully secure the organization’s systems and data.”





Spotlight

Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //