Global Information Security Survey 2009 - Ernst & Young - Australia

The survey, which canvassed nearly 1,900 senior executives in more than 60 countries, revealed that with unprecedented economic, regulatory, industry and technology change, information security leaders are facing considerable risk and challenges that may significantly affect their information security profile, including 25% increase in internal attacks and 41% increase in external attacks.

The growing areas of data theft, fraud and privacy leaks can potentially contribute to significant brand reputation issues. 61% of respondents linked information security to protecting brand and reputation, as their most important driver. Managing privacy and the protection of personal information (53%) and achieving compliance with regulations (46%) are also top priorities for information security leaders.

Mike Trovato, Ernst & Young’s Information Security Leader explains, “Increasingly threats on IT systems including internal and external attacks and data theft are also prevalent. It is paramount that companies undertake a specific, targeted risk assessment exercise to identify their potential exposure and put in place appropriate risk-based responses, to meet regulatory and other obligations and to protect brand.”

Trovato says, "With escalating levels of risk - government, industry, and company policy compliance remains the key driver in information security. Regulators are stressing holistic solutions, which will draw a need for diverse approaches." To address these challenges, Trovato says "the survey revealed that finding adequate resources and budget and achieving organisational awareness of increased vulnerability are top priority issues for information security leaders."