CIOs need wake up call about security practices
VAR_Staffing / VAR Staffing
As technology becomes an increasingly important part of the businesses world, the need also grows for a sound security strategy. IT Prinicpals have a number of things to consider when laying out and implementing security policies. Having reliable resources that can handle the ever-evolving landscape can be the difference. These strategies, however, need to be constantly tweaked, updated and audited to remain effective – something not many companies are doing.
A survey from CSO Magazine and PricewaterhouseCoopers (PwC) looked at global security and found some surprising numbers. Of the 9,600-plus businesses and technology execs surveyed, 43 percent considered themselves to be security frontrunners, have implemented sound strategies and are executing them effectively.
Mark Lobel, the principal with PwC, said something must be wrong if that is how organizations see themselves. PwC then took the responses of the survey and started filtering them by a number of factors, including whether IT security reported to senior leadership, if policies had been reviewed in the last year and if the company had suffered a breach. After finishing the analysis, the number of frontrunners dropped to 13 percent.
Complacency and good fortune are a few of the factors Lobel cites as why CIOs believe they have a better strategy than they actually do. If nothing bad has happened to your company, it can be easy to consider that your setup is working. Businesses are also spending money on preventative security measures like firewalls but there is more to a well rounded system than that.
"It's good to see the investment in technologies," said Lobel. "However, the data shows they're not making investments in the processes necessary to make sure security policies are in place so [technology] works in sync to defend the enterprise."
IT Principals are spending money on security solutions but they need the impactful talent and policies to ensure employees follow through and offer the flexibility to answer the breadth of IT challenges.