Threat of Security Breaches Is an After-Thought in the Rush to Adopt New Technologies and Media

In the rush to utilize new technologies and move into the increasingly borderless world of cloud computing, mobile devices and social media, a growing gap is developing between global organizations' business needs and their ability to tackle new and complex security threats, according to Ernst & Young's 14th annual Global Information Security Survey released today. Moreover, though 72% of respondents see increasing levels of risk due to external threats, and more companies are likely to adopt mobile tablet usage, security implementation is all in all low. The survey as well reports that only about a third of respondents have updated their information security strategies in the past 12 months.

The most important issues companies face today

"Information security is one of the most important issues companies face today, and strategies need to be refined to adjust to an ever-changing environment and resulting security risks," said Bernie Wedge, Americas Information Innovation Risk and Assurance leader at Ernst & Young LLP. "Mobility and networking are here to stay. The best-protected companies are those that are proactive, detecting and managing minor issues previously they become major incidents, and for many companies, this means the current mind-set needs to change from a focus on short-term fixes to a holistic, strategic approach."

In addition, the study found that during 80% of organizations currently are using or considering using mobile tablets and 61% are using or considering the use of cloud computing services within the at once year, the threat of security breaches has become an afterwards-thought as companies adapt to the rapidly changing landscape.

The survey of 1700 organizations around the world in more than 25 sectors as well found that cloud computing is the top security funding priority for the straightway year.

Overall, for the second consecutive year, respondents have indicated that business continuity is their top funding priority.

The advanced

"The advanced, persistent threat - or APT - is a game changer for companies, and as a result, cyber-security needs to be among an organization's top three investments for 2012," said Jose Granado, Ernst & Young LLP's Americas Leader for Information Security Services. "In a mobile, borderless environment, the human is the new perimeter when it comes to protecting data. The approach to protecting the organization needs to combine people, processes and research."

Despite the compelling story for cloud adoption, many organizations are nevertheless unclear about the implications of the cloud and are increasing their efforts to better understand the impact and the risks. In 2011, 48% of respondents listed the implementation of cloud computing as a difficult or very difficult challenge, and more than half have not implemented any controls to mitigate the risks associated with cloud computing. The most frequently taken measure is stronger oversight of the contract management process with cloud providers, nevertheless only by 20% of respondents even do this, indicating a high and possibly misguided level of trust.

The adoption of tablets

The adoption of tablets and smartphones ranked second-highest on the list of innovation challenges perceived as most significant, with more than half of respondents listing it as a difficult or very difficult challenge. Policy adjustments and awareness programs are the top two measures used to address risks posed by this new mobile innovation. The adoption of security techniques and software, nevertheless, is however low. To illustrate, encryption techniques are used by fewer than half of the organizations.