Security Slideshow: Ernst and Young: Information Security Report Card

By Dennis McCafferty  |  Posted 11-11-2010

60 percent

60 percent of respondents feel that the use of social networking, cloud computing and personal mobile devices increase enterprise security risk.

60 percent

3 percent

Only 3 percent of respondents feel that the use of these devices is decreasing the level of enterprise risk.

3 percent

46 percent

46 percent of respondents say their company's annual investment in information security is increasing.

46 percent

6 percent

Only 6 percent of respondents say their annual investment in information security is decreasing.

6 percent

64 percent

64 percent of respondents say that a lack of security awareness on the part of employees is a significant or considerable challenge to effectively delivering information security initiatives.

64 percent

53 percent

53 percent of respondents feel say increased workforce mobility is a significant or considerable challenge to effectively delivering information security initiatives.

53 percent

60 percent - Page 7

33 percent33 percent of respondents say that social networking is a significant or considerable challenge to effectively delivering information security initiatives.

60 percent - Page 7

30 percent

Only 30 percent of respondents say they have an IT risk management program in place that addresses the increasing risks related to the use of these new technologies.

30 percent

50 percent

50 percent of respondents plan to spend more on data leakage/data loss prevention technologies and processes over the next year.

50 percent

48 percent

48 percent of respondents say their enterprise defines specific requirements for telecommuting to control data leakage of sensitive information.

48 percent

45 percent

45 percent of respondents say their enterprise protects sensitive data by restricting or prohibiting the use of instant messaging or e-mail.

45 percent

76 percent

76 percent of respondents include general information about security topics within their organization's security-awareness program.

76 percent

34 percent

Only 34 percent of respondents say their organization's security-awareness program includes information updates on the risks associated with social networking.

34 percent

15 percent

15 percent of respondents say their enterprise does not have a security-awareness program.

15 percent