Security 2003: Is Your Security Comfort Level Too High?
The results of this month's research are available in Adobe Acrobat PDF format. (To download the free Adobe Acrobat Reader plug-in, click here.)
Is Your Security Comfort Level Too High?
90.2% of CIOs say their domestic security measures are adequate
82.2 % of IT executives say their companies have an information security policy
28.4% of companies do not have a security officer
43.7% of IT executives expect their companies' security spending to increase
40.2% have cancelled plans to increase security due to user complaints
The vast majority of the more than 600 IT executives polled for this month's CIO Insight survey on security management say their domestic security preparations in the face of threats to their information systems are adequate. And yet more than 40 percent expect their spending on IT security to rise.
Meanwhile, the results of the survey suggest that the level of concern with security generally has dropped since Sept. 11the percentage of companies with information security and business continuity plans has not increased since a year ago, for instanceit's still hovering at about 80 percent and 75 percent, respectively.
Yet IT executives still complain about the difficulty of educating employees about security and enforcing security policy. What's wrong with this picture? It may simply be that most companies have adequately prepared for the security threats that matter to them most, and that the additional spending will bring little added value. Or it may be that they are living in a dream world, and that the threat is real, and really increasing. Sadly, only time will tell.