72% of survey respondents see an increasing level of risk due to increased external threats.
More and more, businesses are moving into a virtual world, supported by new technologies and driven by a need to reduce costs.
In this environment, the delivery of appropriate information security has been dramatically altered and has emerged as a “license to operate” for many organizations.
We have identified three trends with a significant impact on the role and importance of information security:
- Physical boundaries are disappearing as more business data is transmitted over the internet. Employees, customers, suppliers and other stakeholders are able to access this data wherever and whenever they wish. The widespread adoption of mobile devices is accelerating this trend.
- The pace of change continues to accelerate. Technology has transformed entire industries — from automotive to publishing to retail. Digitization is having a profound effect on businesses models, with traditional bricks-and-mortar industries being dominated or completely replaced by models that are essentially based on software.
- Companies are moving from the more traditional outsourcing contracts to cloud service providers. As organizations realize the benefits of bringing their business into the cloud and confidence in this business model continues to rise, they will move more critical capabilities into the cloud. This will forever alter their business model and IT functions, with the potential to greatly reduce or even eliminate their IT operations.
According to our survey, 59% of respondents plan to increase their information security budgets in the next 12 months, however indications suggest that the money might not be spent as wisely as it should be and fewer than half (49%) of respondents stated that their information security function is meeting the needs of the organization. Within our report, we examine opportunities for improvement within the current environment, along with trends that we think will shape information security in the coming years.
Do you believe the information security function is meeting the needs of your organization?
Specifically, we explore how organizations are addressing the following crucial risks:
- Mobile computing
- 80% are either planning, evaluating or actually using tablet computers.
- 57% have made policy adjustments to mitigate the risks related to mobile computing.
- Cloud computing
- 61% are currently using, evaluating or planning to use cloud computing-based services within the next year.
- Almost 90% believe that external certification would increase their trust in cloud computing.
- Social media
- Nearly 40% rated social media-related risks issues as challenging.
- 53% have implemented limited or no access to social media sites as a control to mitigate risks related to social media.
- Data loss prevention
- 66% have not implemented data loss prevention tools.
- 74% have defined a policy for the classification and handling of sensitive data as a control for data leakage risk.
- Business continuity management
- For the second consecutive year, respondents have indicated that business continuity is their top funding priority.
- IT risk management
- 56% indicated that their current information security strategy needs to be modified or needs further investigation.
- 31% indicated that their organization has recently purchased information security solutions that are perceived as having failed or under-delivered.
- 84% indicated that they have an IT risk management program in place or are considering one within the coming 12 months.
| Our perspective |
- Bring information security into the boardroom, making it more visible with a clearly-defined strategy that protects the business while also adding more value through tighter alignment with business needs.
- Make information security an integral part of service and product delivery and everyone’s day-to-day thinking.
- Focus information security on protecting what matters most, such as customer information and intellectual property.
|
Next »
