Conclusion 01: Security Awareness
Comparing the results of the two surveys show that business executives are more willing to modify business practices in order to boost security, and that security has grown as a priority, but not by much: Security's importance to the enterprise, both as an IT issue and a business issue, has inched up just slightly.
Security is only a slightly more important issue for top IT executives now, but that's mainly because security was already a top priority to them. In August, security rated an 8 on a scale of 1 to 10 as an IT priority; in February, it crept up to 8.3. The same is true of security as a business issue: It rated a 7.3 in August and 7.6 in February.
Companies are slightly more assured about the adequacy of their security systems now, rating their confidence at 7.2 on a scale of 1 to 10, up from 6.8 in August.
We learned in August that IT executives don't perceive their non-IT counterparts as being savvy about security. The events of Sept. 11 didn't change things: IT execs say security awareness hasn't increased significantly outside of the IT department. On a scale of 1 to 10, the mean was 4.5 in August; it's only 4.9 now.
Still, the terrorist attacks seem to have had an impact on non-IT executives. In August, 74% were willing to make changes to the way they did business; that figure jumped to 87%.