Senior Execs 'In the Dark' on Data Center Security

By CIOinsight  |  Posted 10-04-2011 Print Email
Senior managers are often in the dark about the security measures in place in their data centers, while data center managers are often falling short in enforcing existing security policy requirements.

Senior corporate executives are largely unaware of how secure their data centers are, according to a recent McAfee report.

Only 22 percent of data center managers surveyed in a report felt senior management is aware of the company's security preparedness, according to a data center study from McAfee released Oct. 3. There is a "serious disconnect" between what managers think about the security measures in place and what is actually implemented, the survey found.

"It is astounding that almost two-thirds of our respondents say that their management is in the dark about their true security status," said Dan Olds, principal analyst at Gabriel Consulting Group, who conducted the study on behalf of McAfee.

Management "needs to seek out the truth," and data center managers need to be "frank and honest" when discussing strengths and weaknesses of their security mechanisms, Olds said, noting that it is better to discuss potential issues before a security breach. The survey shows that management is "ripe to be blindsided" in the event of a security breach, according to Olds.

The results of the study are strikingly similar to the conclusions reached by PwC in its annual Global Information Security Survey, released mid-September. In the PwC report, 43 percent of those surveyed believe their organizations qualify as "leaders" in how they'd implemented security. In actuality, less than 5 percent of the organizations actually qualify as "leaders."

Most of the executives in the study have a "false sense of security," said Mark Lobel, a principal in the advisory services division of PwC.

Management often views data center security as an expense item that doesn't provide a financial return, said Gabriel Consulting's Olds. "Security is only an issue to management where there is a problem otherwise, it's still a 'why are we spending all this money' question in budget meetings," a respondent told Olds.


Submit a Comment

Loading Comments...