Security measures jeopardise regulatory compliance

Businesses must tackle compliance issues, says vendor McAfee

The Data Protection Act is the largest compliance concern for UK businesses

Just half of compliance professionals have confidence in existing security measures being used by UK businesses to prevent data leaks, according to research by security vendor McAfee.

Some 84 per cent cited the Data Protection Act as the number one compliance concern for UK businesses, while worries about mobile data storage devices, email and physical documents are also rife.

'Compliance is a vast issue for businesses to tackle and whilst IT security has been identified as a critical part of this, it is important to note that for companies to successfully meet the legislative requirements, IT is going to need to work closely alongside those with a compliance professional role to ensure this problem is being tackled effectively,' said Martin Carmichael, chief security officer, McAfee.

Three quarters (73 per cent) of respondents believe the pressure to respond to compliance requirements will increase during 2007 and only 34 per cent of respondents have evaluated how much compliance costs their business.

The survey found that within an organisation, one person is rarely dedicated to meeting compliance regulations. Only 17 per cent of respondent’s held the title of ‘compliance officer’ with 25 percent considered ‘risk managers’ and 19 per cent that hold an IT position.

The research shows that compliance touches a number of business functions.

Increased reporting has led to an identification of the importance of the role that IT security plays in the compliance proceedings. Some 86 per cent of compliance experts identified security as the number one compliance concern relating to IT, while 61 per cent also felt this is the most complex area to manage and existing security measures do not protect the organisation against data loss.

In terms of budget allocations, 42 per cent have a dedicated budget for IT compliance questioning whether the remaining 58 per cent are losing crucial budget to other areas of the business.

The biggest known compliance cost appears to be internal resources with 53 per cent citing this as the main area where budget is being spent.