The result is a constant game of catch-up, with companies investing in technology to support new business investments and then discovering they have to plug the security holes the new investments created. A recent AMR Research survey of 220 IT and security professionals shows 56 per cent of companies will increase their security budgets by an average of 7.4 per cent, while only 2 per cent plan to decrease them.
AMR, however, says there is a mismatch between security priorities and overall business priorities.
The disconnect comes from technology-focused security governance. “Within most companies, security is treated as an esoteric technology problem of keeping bad guys at bay.”
AMR says companies need to involve business units in setting and defining security policies. Rather than treating security as just defence against bad guys, companies must incorporate security planning into their business initiative planning.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.