In the rush to move into cloud computing, deploy mobile devices and leverage social media, a growing gap is developing between organizations' business needs and their ability to tackle new and complex security threats, according to Ernst & Young LLP's 14th annual Global Information Security Survey. Although 72 percent of the 1,700 worldwide IT and security executives surveyed see increasing levels of risk due to external threats, and more companies are likely to adopt mobile tablet usage, security implementation is still low, the report says. Only about one third of respondents, surveyed online between June and August 2011, have updated their information security strategies in the past 12 months. "Information security is one of the most important issues companies face today, and strategies need to be refined to adjust to an ever-changing environment and resulting security risks," says Bernie Wedge, Americas IT risk and assurance leader at Ernst & Young. "Mobility and networking are here to stay. The best-protected companies are those that are proactive, detecting and managing minor issues before they become major incidents, and for many companies, this means the current mindset needs to change from a focus on short-term fixes to a holistic, strategic approach."
Only 12% of respondents are presenting information security topics at each board meeting and less than half (49%) say their information security function is meeting the needs of the organization.
This article was originally published on 11-11-2011