Tech firms risk 'catastrophic' breaches of data security

Crucial sector told to treat IT security as a business issue or face disaster

Written by Tracey Calwelll

Information World Review, 04 Feb 2008

Technology, media and telecoms (TMT) companies have not got to grips with information security and risk catastrophic security breaches, according to a survey by Deloitte Touche whose findings have been described as “scary” by one expert.

Although 69% of over 100 global TMT companies surveyed felt they were addressing current security threats, only 7% felt prepared for future threats. Half the survey respondents allocated less than 3% of their budget to security.

James Alexander, head of the Deloitte UK TMT security team, said: “This isn’t just an investment thing. Quite often security is defined by external threats and seen as an IT issue. We would advocate it being a business issue. There needs to be a better alignment with the business, and awareness and focus on the most relevant risks.

“As the TMT sector has evolved and converged, the impact of some security threats and issues has grown. They are doing more than just providing a phone line now; they are controlling content and data.”

The report’s recommendations include appointing a head of security, better assessing risk, prioritising access and identity management, and splitting the security effort between internal and external threats.

Duncan Hume, security analyst at Bell Micro, said that the report held serious implications for CEOs: “Some 49% of those responding think that compliance is ‘somewhat effective’. That will be little comfort for CEOs who end up in jail. Sarbanes-Oxley is not a toothless tiger.

“Of all the data provided in this comprehensive report my favourite has to be the 2% of senior executives who, when asked how often they’d like to provided with their company’s security status reports, specifically request not to be informed. Now that’s scary.”

Bill Rann, global head of governance practice at BT Global Services, told IWR: “The fact is that businesses still aren’t always getting the basics right ­ it’s simple mistakes such as failure to encrypt sensitive data. The problem often stems from the boardroom. Security and compliance must be sustainable and strategic considerations; otherwise, organisations will remain two steps behind today’s ever more sophisticated cyber-criminal.”

Tags:

reader comments

related articles

 

Enterprises ignoring data security and privacy

Deloitte global survey warns of impending disaster 09 Jan 2008

Research highlights continuing data loss fears

Deloitte report finds firms are underinvesting in security 11 Jan 2008

Data breach bosses 'should go to jail'

It's the only way they'll listen to us, say security experts 08 Apr 2008

related whitepapers

today's top stories

Communications

CIOs must embrace collaboration tools

Author Don Tapscott gives Angelica Mari his reasons for promoting social networking tools and says transparency is the key to security 04 Dec 2008

Communications

On a quest to build a connected society

BT Design’s JP Rangaswami talks to Gareth Morgan about his pivotal role in the telecoms giant’s efforts to deliver universal broadband and his plans to tap into the creativity of the open source community 04 Dec 2008

Management

IT leaders must stand by India

A sense of perspective is the most important response from IT leaders to the attacks in Mumbai 04 Dec 2008

Hardware

Case study: Clifford Chance

Law firm implements Sun platform and reduces datacentres to gain efficiency and cost synergies 03 Dec 2008

Communications

Should CRM be more sociable?

As vendors rush to add more social networking bells and whistles to their CRM products, some experts warn that users must tread carefully when venturing into online communities 03 Dec 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will the terrorist attacks in Mumbai affect your offshoring plans?

Will the terrorist attacks in Mumbai affect your offshoring plans?

Is India becoming a risky destination?

Previous poll results

> More polls

Latest audio and video articles

Padlocked CDVideo

Technology and privacy

Watch the final video in a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 02 Dec 2008

Podcast imageAudio

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

> More audio and video

Latest in-depth articles

Doctors looking at a computerAnalysis

Watchdog wants IT to cure privacy woes

Information Commissioner Richard Thomas is urging organisations to put privacy protection at the top of their procurement and development criteria 04 Dec 2008

Colin McDonaldComment

Web 2.0 has potential to transform staff training

Employees can sharpen their IT skills through using the latest interactive training tools, writes Colin McDonald 04 Dec 2008

> More in depth articles

Advertisement

Primary Navigation