Security Slideshow: Information Security Strategies Found Lacking: PwC

By Bob Violino  |  Posted 10-05-2011

Information Security Strategies Found Lacking: PwC

43%43% of respondents think their company has an effective information security strategy in place and are proactively executing their plans.

Information Security Strategies Found Lacking: PwC

Information Security Strategies Found Lacking: PwC - Page 2

High confidence72% of respondents report confidence in the effectiveness of their organization's information security activities.

Information Security Strategies Found Lacking: PwC - Page 2

Information Security Strategies Found Lacking: PwC - Page 3

Few leadersOnly 13% of respondents prove to be true information security leaders

Information Security Strategies Found Lacking: PwC - Page 3

Information Security Strategies Found Lacking: PwC - Page 4

What's an information security leader?PwC identifies this as having:• an overall information security strategy in place, • a CIO or executive equivalent who reports to top management,• measured and reviewed security policy effectiveness, and • an understanding of the security breaches facing the organization in the past year.

Information Security Strategies Found Lacking: PwC - Page 4

Information Security Strategies Found Lacking: PwC - Page 5

Getting personal43% of respondents say their company has a security strategy for employee use of personal devices.

Information Security Strategies Found Lacking: PwC - Page 5

Information Security Strategies Found Lacking: PwC - Page 6

Mobile strategies37% of respondents say they their company has a security strategy for mobile devices.

Information Security Strategies Found Lacking: PwC - Page 6

Information Security Strategies Found Lacking: PwC - Page 7

Social security32% of respondents say their company has a security strategy in place for social media.

Information Security Strategies Found Lacking: PwC - Page 7

Information Security Strategies Found Lacking: PwC - Page 8

Cloud's impactMore than half (54%) of respondents say that cloud technology has improved security, while 23% say it has increased vulnerability.

Information Security Strategies Found Lacking: PwC - Page 8

Information Security Strategies Found Lacking: PwC - Page 9

Big driverMany respondents (including 64% in industrial manufacturing, 60% in technology and 49% in entertainment and media), say the existence of an Advanced Persistent Threat (APT) is driving their organization's security spending.

Information Security Strategies Found Lacking: PwC - Page 9

Information Security Strategies Found Lacking: PwC - Page 10

16%Only 16% of respondents say their organization is prepared for an APT and has security policies that are able to confront such a threat.

Information Security Strategies Found Lacking: PwC - Page 10

Information Security Strategies Found Lacking: PwC - Page 11

Unusual suspects?17% of respondents identify customers as the source of security breaches, and 15% identify partners or suppliers as the source.

Information Security Strategies Found Lacking: PwC - Page 11