Monday, November 21, 2005

Compliance takes top spot

The sheer number of regulations and the consequences of not complying with them has escalated information security to the boardroom. Compliance with regulations is now the primary driver of information security within many companies, for the first time surpassing worms and viruses. This is according to an annual global information security survey by professional services provider Ernst & Young.

Despite the increased awareness of regulatory compliance, information security as a function is not becoming a natural part of organisation’s strategy, says the report.“The gap continues to widen between the growing risks brought on by rapid changes in the global business environment and what information security is doing to address those risks.”

Other concerns for IT managers today include the lack of experienced security specialists and new technology that promotes mobile workers.“Because the majority of organisations have built their security system without the mobile component to it, the growing mobile technology is a change they need to get to grips with.” The survey also shows that few organisations actively manage third party security risks. More and more organisations are trading information electronically with clients and suppliers, but security management doesn’t keep track of that extensive use.

More than 1300 companies, governments and non-profit organisations in 55 countries participated in the survey. Two thirds responded that compliance with regulations such as Sarbanes-Oxley or the EU’s 8th Directive is the most important driver of information security.

RELATED TOPICS : IT Security takes back seat to compliance, InfoSec advisory role in decline, Why Bosses worry about security , InfoSec tops CFO concerns , Impact of regulations on IT Security , Executive guide to compliance and security

CATEGORIES : 1compliance, 1survey, 1stats
Rate this post: (Provided by NewsGator)


Post a Comment

Links to this post:

Create a Link

<< Home