Security Can't be Discounted

Published November-17-09 by Deloitte

Deloitte has published the first in a planned series of global studies on security. This first publication, came out of a study of security practices followed by Consumer business organizations around the world. The inaugural study reveals that:

• "Information security is still considered primarily a technology infrastructure issue – 51 percent of respondents identify their top security initiative for 2009 as security infrastructure improvement.
• Respondents acknowledge that their people (including third parties) are the weakest link yet there is little focus on security awareness or training. Managing insider threats received a low 10 percent ranking when respondents were asked about their organization’s top security initiatives for 2009.
• Business continuity and disaster recovery, neglected in the past, are now moving to the forefront. Disaster recovery is the second most mentioned security initiative for 2009.
• Consumer business organizations have a “last one to adopt” approach when it comes to security technology. When asked which category best describes their organization’s adoption of security technology, 52 percent of respondents state that they are “late majority”, meaning that they are content to use technology that is “proven”.
• Security budgets took a hit. In 2009, “lack of sufficient budget” is the barrier most mentioned by 54 percent of respondents, and 26 percent of respondents had their security budgets reduced."

Not surprisingly,the study found a high degree of pressure to reduce costs in these recessionary times. A large number of security budgets have been reduced. The companies seemed to ignore the dictum that recessionary times are actually when security must be made stronger and smarter because of a higher number of disgruntled employees.

The study can be downloaded from the Deloitte site.