Security survey shows struggle to control cloud computing, social media and mobile risks

By , Network World |  Security, Mobile Security, Social Networking

Many CIOs and chief information security officers are struggling to adapt security practices to a changing environment that includes cloud computing, social media and tablets , according to a survey of 1,850 such IT pros.

The Ernst & Young 2012 Global Information Security Survey published today found cloud computing to be one of the main drivers of business model innovation and IT service delivery, with 59% of respondents saying they use or plan to use cloud services. But 38% admitted they have not taken any measures to mitigate risks.

Use of social media in business is prevalent, but 38% of the CIOs and CISOs surveyed say they don't have a coordinated approach to address risks, such as defending the organization's brand or determining how employees use work time to engage in social media.

The Ernst & Young survey indicated that 31% of respondents said they saw an increase in the number of security incidents compared to the previous year.

SECURITY: DDoS attacks against banks raise question: is this cyberwar?

Another technology game-changer, use of mobile devices, such as tablets and smartphones, is compelling "policy adjustments," according to over half of these IT professionals who hail from the financial industry, insurance, high-tech, government, and various industrial, retail and utility sectors from all around the world.

More than one-third say that company-owned mobile devices have been adopted but use of personal devices is not allowed for business. The survey found that 36% have acquired mobile-device management software and 31% now have a "governance process to manage the use of mobile applications." Encryption plays a central role for 40% of CIOs and CISOs surveyed.

In terms of budgets for the next 12 months, 30% said they expect information security funding increasing from 5% to 15%, while 9% of respondents anticipate a budget increase of 25% or more. Security budgets are expected to remain the same for 44%. About a third said they spend at least $1 million per year on information security.

Just over half said the area of highest priority for them is business continuity, including management and disaster recovery. But one surprise, the report states, is that the second-highest priority is "a fundamental redesign of their information security program."

Originally published on Network World |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question