Survey: 30% of Execs Lack Confidence in InfoSec Strategy
As we reported recently, Cyber attacks are becoming increasingly common across the globe. Many Fortune 2000 companies as well as government agencies around the world are under frequent cyber attack of their core systems and services.
The opportunity for cyber attacks grows daily as these corporations and governments continue to amass information about individuals in complex networks across the Web. At the same time new generations of cyber activists, some motivated purely by money and others by the desire to expose and destabilize corporations and governments, continue to hack into organizational secrets.
How best to cope with the growing number of these cyber security threats? Raising awareness among business executives is an important first step in the implementation of a sound information security policy.
The following survey results aim to measure the state of awareness and preparedness of corporate information security policies among global business executives.
About 29% of business executives surveyed are uncertain when it comes to their organizations' information security strategy. Another 43% believe their organization has an effective information security strategy in place.
These numbers are some of the findings of the 2012 Global State of Information Security Survey conducted recently. Participants in the survey included approximately 10,000 senior level executives from organizations globally.
The survey respondents included members of both CSO and CIO Magazines as well as Price Waterhouse Cooper clients.
The survey placed respondents into differnet groups such as information security frontrunners (43%). These were defined as those executives that have an effective information security strategy in place.
Next, strategists (27%) defined as those who are better at making policy than implementing it. Tacticians (15%) who are better at getting things done than creating strategies. Last are the fire-fighters (14%) defined as those who are in reactive mode. This implies that they typically are without effective strategies in place.
According to Ciaran Kelly of PwC, "Companies now have greater insights than ever before into the landscape of cyber-crime and other security events, and they're translating these insights into investments on risk prevention and detection technologies," "Just a few years ago, almost half of this survey's respondents couldn't answer the most basic questions about the nature of security-related breaches, now approximately 80% of respondents can provide specific information about the frequency, type and source of security breaches their organizations faced this year."
According to the survey, the global adoption of cloud computing services has improved, but also complicated, the security landscape.
More than four out of ten respondents report that their organization uses cloud computing. Of these, 69% used software-as-a-service, 47% used infrastructure-as-a-service and 33% used platform-as-a-service.
54% of organizations say that cloud technologies have improved security, while 23% say it has increased vulnerability. The largest perceived risk is the inability to enforce provider security policies.
Organizations are beginning to amplify their efforts to prevent mobile and social media based attacks.
Enjoyed the article?
Sign-up for our free newsletter to kick off your day with the latest technology insights, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.