The Global State of Information Security Survey: Perception versus reality gap
- 20 September, 2012 22:00
Despite a rise in security incidents and decreasing IT budgets, information services executives around the world remain confident in their organisation’s security,according to the 2013 PwC Global State of Information Security Survey (GSISS).
GISS is an online survey conducted by PwC, CIO, and CSO. Between February and April this year more than 9300 responses were collected from executives around the world, including 180 in New Zealand.
According to the survey 68 percent of executives are somewhat confident their organisations have been instilled with proper information security behaviours, and 70 percent responded saying their security efforts are effective.
Despite this 13 percent of executives reported 50 or more security incidents, and around half of respondents expec their security budgets to be trimmed in the next year
“Security models of the past decade are no longer effective. Today’s rapidly evolving threat landscape represents a danger that shows no signs of diminishing, and businesses can no longer afford to play a game of chance,” says Mark Lobel, a principal in PwC’s advisory practice.
“Companies that want to be information security leaders must prepare to play a new game – one that requires advanced skills and strategy to win against emerging threats.”
Cloud platforms, social networks and mobile devices are relatively new frontiers for enterprise security.
PwC says 88 percent of consumers use their mobile devices for personal and work purposes, but according to the survey only 45 percent of organisations have a mobile device strategy, and 37 percent have malware protections for mobile.
Only 40 percent of respondents say they have a social media security policy, PwC says this lags behind the actual adoption of social media technology in workplaces.
In today's world of ' big data', the survey also finds that most organisations are keeping looser tabs on their data today than in years past. While more than 80 percent say protecting customer and employee data is important, far fewer understand what that data entails and where it is stored.
Fewer than 35 percent of respondents said they have an accurate inventory of employee and customer personal data, and only 31 percent reported they had an accurate accounting of locations and jurisdictions of stored data.
“The decreased deployment of security and privacy tools is analogous to turning off your burglar alarm during a crime wave,” says Lobel. “Intruders are exploiting business ecosystems, leaving reputational, financial and competitive damage in their wake.
"Today’s information security leaders must acknowledge that a new way of thinking is required to achieve effective security. The very survival of the business demands that they understand, prepare for, and quickly respond to security threats.”
Follow CIO on
Download CIO for your tablet here.
Click here to subscribe to CIO.
Sign up to receive free CIO newsletters.
Send news tips to firstname.lastname@example.org
Rethinking the worst case
The brand called CIO
Motorola turns to the Moto G's price to reserve its smartphone fortunes
Virtual desktop computing service: The next cloud disruptor?
Google app translation service now available to Android developers
Building a Strategic Archive
For years, most companies have dealt with the evolving dynamics of data archiving by addressing an immediate need rather than building a long-term strategy. But over time, putting all information on costly storage is likely to be very expensive. This whitepaper explains why it’s time for organizations to start to strategically evaluate archive solutions for capabilities they need, both now and in the future. While no technology is future proof, an archiving solution can make you “future ready.”
How to Socially Enable Your Contact Centre
More than 75 per cent of consumers have posted damaging comment on social media following a negative customer experience. Yet a whopping 70 per cent of companies have little understanding of the social media conversations featuring their brand. This whitepaper looks at how to deliver your brand promise, retain customers and increase their lifetime value with new service channels.
Casestudy: Managing an Antivirus Service and Improve the Customer Experience
Anittel Group has provided managed technology and connectivity services to organisations for more than 15 years, expanding to become one of the world’s largest full-service, IT and telecommunications companies. Previously, Anittel deployed an in-built antivirus solution as part of its managed service offering, which addressed a number of its customers’ needs, except for individual malware infections, which occurred as often as a several times a week. In this case study, find out what they did to solve this problem.