Saturday, June 11, 2011

Updating A Security Program

Companies that have a security policy (don't all of them?) need to update it regularly. This has been a basic precept of good security. But in modern times, it still is not always done and the times point even more than ever to the need for it.

Ernst & Young has released a document called "Information Security in a Borderless World" in which it points out, based on a survey, that many companies feel their security risk has increased. The reasons relate to the increasing incidence of global attacks, the increase in cloud computing and the use of mobile devices. On the latter, the study points out that banning mobile devices will actually increase security, contrary to the instincts of some companies.

Because of the current high risk environment, a corporate risk profile needs to be constantly revised. The study addresses three key questions to ask:

  • What is your organization’s risk culture?
  • Are you detecting and monitoring threats inside and outside the organization?
  • Have you anticipated new technology risks, such as mobile devices, social media and cloud computing?
You can download a free copy of the study from the E&Y website.

No comments: