Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


01:22 PM
Connect Directly

Three Out Of Four Say Business Security Has Improved

But people issues and organizational changes resulting from mergers, acquisitions, and outsourcing still pose challenges.

Nearly 30% of IT security pros say they have little or no confidence that their companies detected all data security beaches last year, according to a new survey.

In addition, about 26% of survey respondents rated their current IT environments as more vulnerable than a year ago, according to the study of 100 senior IT and data security professionals by Forsythe Technology Inc., a vendor of IT infrastructure products and services.

Many of the survey respondents blamed increased security vulnerability on organizational changes and "people issues," including mergers and acquisitions and outsourcing, says Pamela Fredericks, Forsythe manager for security advisory services.

"Often, there aren't enough people resources for security tasks or security roles were not well defined," Fredericks says.

Also, when organizational changes occur—such as new outsourcing arrangements, new application deployments, or mergers or acquisitions—there isn't a clear definition of who's responsible for responding to security breaches if they occur, she says.

Meanwhile, 43% of the respondents said policy, process, and procedure issues will consume the most time and effort this year in their organization's IT security programs. Access control and identity management ranked second, with 35% of respondents saying those security issues will consume the most time and effort this year.

The survey's good news was that nearly three-quarters of the respondents said they feel their companies are less vulnerable to security breaches than a year ago.

Among the factors fueling their confidence was their companies' compliance with regulatory demands, such as documenting security controls. "This exercise, which requires an assessment of different security procedures, helps them feel less vulnerable," says Fredericks.

Other reasons respondents cited for feeling less vulnerable also include people issues, including the addition of a security officer, improved awareness and education, and executive support of IT security issues. Marianne Kolbasuk McGee is a former editor for InformationWeek. View Full Bio

Register for Wall Street & Technology Newsletters
Exclusive: Inside the GETCO Execution Services Trading Floor
Exclusive: Inside the GETCO Execution Services Trading Floor
Advanced Trading takes you on an exclusive tour of the New York trading floor of GETCO Execution Services, the solutions arm of GETCO.