Financial companies focus on InfoSec.Most financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. institutions around the world are addressing information security concerns through awareness and education programs, and by appointing a chief security or chief information security officer, according to a new study conducted by Deloitte Touche Tohmatsu Deloitte & Touche (also referred to as Deloitte Touche Tohmatsu, and branded as Deloitte.) is the second largest professional services firm in the world, and one of the Big Four auditors, along with PricewaterhouseCoopers, Ernst & Young and KPMG. . More than 60 percent have or plan to establish CSO (Chief Security Officer) The person in charge of all staff members who are responsible for promulgating, enforcing and administering security policies for all systems within an enterprise or division. or CISO See CSO. positions in the next two years, helping to ensure that information security is "perceived as a risk management expenditure rather than an obscure line item in the IT budget," according to the report. Indeed, most respondents reported that general management now appreciates the value of IT security as a risk management tool, business enabler, or business strategy prerequisite, while fewer than one-quarter said IT was viewed as a "necessary evil." Despite these positive comments, security budgets remain low. On average, only 6 percent of the total IT budget was dedicated to information security, with 68 percent of the respondents characterizing their organization's information security spending as "moderate" or "conservative" in relation to their perception of other organizations' spending. Moreover, most companies interviewed indicated that they were not confident of being well protected from cyberattacks such as hacks or denial of service attacks. Fewer than one-third of the respondents were "very or extremely" confident in their ability to protect against internal cyberattacks, and just over half had the same level of confidence in attacks launched by outsiders. The survey of dozens of global institutions looked at eight security areas: governance, investment, value, risk, responsiveness, use of security technologies, quality of operations, and privacy; it also looked at geographical regions. With regard to regional issues, respondents were grouped into four areas: Europe, Middle East, Africa (EMEA (Europe, Middle East, Africa) Refers to that region of the world. For example, one might see products packaged differently for the UK, EMEA and Asia Pacific markets. ); Asia Pacific (APAC APAC Australian Partnership for Advanced Computing APAC Agricultural Policy Analysis Center APAC Asia and Pacific APAC Asian Pacific American Coalition APAC Adapted Physical Activity Council (American Alliance for Health) ): Latin America and the Caribbean (LACRO); and North America EMEA respondents were concerned about differences in laws and regulations among countries, while APAC respondents were late adopters of most security technologies and worried about the increased sophistication so·phis·ti·cate v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates v.tr. 1. To cause to become less natural, especially to make less naive and more worldly. 2. of cyberthreats. LACRO respondents used biometrics the most and vulnerability testing the least. @ Read the full 2003 Global Security Survey by visiting SM Online. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion