Organisations are taking huge risks on a daily basis and while digital security is being addressed, other vital areas are causing concern. This is according to new research by The Bunker, provider of managed hosting, cloud computing, colocation, and outsourced IT services, into the views of senior IT professionals in UK organisations towards security, risk and compliance.
The firm says 2011 was notable for high profile security breaches reported in the media – Sony, the data security firm RSA, NASA, the European Space Agency, the FBI The British and French treasuries and Citigroup, along with dozens of other companies and government departments were affected. Over two thirds of respondents to The Bunker Security Survey 2012 reported these security breaches have indeed raised awareness, yet almost half have subsequently done nothing to increase their own security measures. Other key statistics from the report include:
Awareness
– Almost 40 per cent of respondents considered at least one aspect of their security to be ineffective, a worrying statistic as those with malicious intent will always attack the weakest point. Digital security tended to be rated most highly, while issues such as data loss and unrestricted employee access to sensitive information continue to cause most alarm.
Attitudes and Accountability
– There is little consensus for who is responsible for the overall ownership of security in UK organisations and remarkably one in three organisations had no C-level or boardroom representation for security. With little accountability for this, corporate governance must be a major concern.
Regulation and Risk
Most of respondents (65pc) were positive when it came to security regulations in their industry, though there is some concern they can be treated as a ‘box-ticking exercise’ and that ‘lip service only’ is frequently applied. There appears to be no sign of a decline in security risks faced by today’s organisations, with a high majority seeing risks increasing in all areas, or at best staying the same.
Commenting on the results
Peregrine Newton, CEO of The Bunker said: “Many businesses fail to give security the attention it deserves until they themselves have been the victim of a breach. Yet by this point the impact will often already have been devastating in both reputational and financial terms. In a difficult financial climate it’s imperative that organisations heed the warnings of previous well-publicised attacks on their peers.”The Bunker Security Survey 2012 report, including the full findings and recommendations to put organisations on the right track, is now available to download from http://www.thebunker.net/security/security-breach-survey-results/
