Having surveyed 1,149 information security professionals from across the world, the report highlights the increasing importance of information security to business strategy – from the effect of Edward Snowden’s NSA leaks and the impact of big data, to the demand for boardroom education and the need to develop a long-term strategy to combat evolving threats.
Historically viewed as an obstacle to business, information security is gradually being recognized as a business enabler.
The report also reveals that more effective collaboration between government and the information security industry is crucial to protecting organizations from future cyber threats. Additionally, more work needs to be done to strengthen government’s position as a source of information on potential threats: only 4.8% of information security professionals selected the government as their most trusted source for intelligence.
“This is something that needs to be addressed urgently,” said Brian Honan, Founder & CEO, BH Consulting, who is due to speak at Infosecurity Europe 2014. “Without better collaboration between industry and governments we are at a disadvantage against our adversaries. As threats and the capabilities of those looking to breach our systems evolve we need to jointly respond better in how we proactively deal with the threat. We need industry and government to work together in ensuring a strategic approach is taken to enabling companies and citizens to be more aware of the threats to their data, to educate them in how to deal with the threat, and finally how to work together at national and international level to tackle the threats we face.”
Data security is being pushed up the agenda according to the survey, possibly catalyzed by the Snowden revelations in June last year. The NSA exposé has triggered action, with 58.6% believing the Snowden affair has been positive in making their business understand potential threats. Despite this, it’s clear boardroom recognition needs to improve, as 46.7% feel it has not been easier to make their business understand the challenges they face as a result of the leaks.
While, on the whole, the industry is coping with the deluge of data they receive, 30.5% of information security professionals feel their organization isn’t able to make effective strategic decisions based on that data. Considering the majority have seen this volume of data increase over the past 12 months, adopting a future-proof approach to information security is going to become increasingly important. Worryingly, 47.4% believe the industry has a short-termist approach, lurching from one threat to another.