Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Analysis: Experts discuss security in a recession

leave a comment »

Benchmarking study highlights where firms are failing

Phil Muncaster, vnunet.com 27 Feb 2009

A recent benchmarking study by PricewaterhouseCoopers (PwC) suggests that much work still needs to be done to ensure that a combined IT and corporate security function is adequately prepared to protect businesses from 21st century threats.

The consultancy firm approached 10 of its FTSE 100 clients to carry out the study, finding that many lacked a joined up approach to security which led to silos in IT security, as well as other areas like anti-terrorism and intellectual property infringement, without any cohesion.

The exercise resulted in six key findings, including the need for greater collaboration between departments, and better understanding of the risks from third parties as more and more services are moved offshore.

The rest of the article here

The six key findings are here:

1) The need for better business continuity plans and infrastructure

2) Not enough “Risk Analysis”

3) Lack in better vetting of employees

4) Lack of understanding of information assets and their classification

5) Lack of good leadership in IT security

6) The need for better collaboration between departments

PWC also noted the following:

Cost-cutting has led in some cases to firms outsourcing and offshoring more business-critical processes than ever before, which increases the risk of data loss, Frost warned.

“It is unfortunate that information security teams rarely get involved [at the beginning], and the level of involvement needs to increase,” he said.

Well, there you have it. Condensed down to some bullet points are the malaise that hamper information security from functioning properly in a preponderance of companies today. Of course there are more, but, it would be too long to go into it all here. Believe me, I have seen this in many places and they are pretty much on the mark here. What is more scary though, as my posting from yesterday points out, is all that outsourcing going on.

As we sink deeper into recession (or depression) one has to wonder if all of these things will just be forgotten and thrown by the wayside….

Written by Krypt3ia

2009/03/03 at 00:09

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: