The average company's commitment to risk-based security management is "significant," according to a new study from compliance management company Tripwire. But there's just one problem: The IT side sees the value of risk-based management, but the business side is still perplexed why CIOs and other IT executives are so concerned about it. "The findings from this report strongly indicate that risk-based security management is still viewed as an IT or security task instead of a business task," says Larry Ponemon, chairman and founder of the Ponemon Institute, which conducted the study on Tripwire's behalf. "Unfortunately, the full value of a risk-based approach to security can only be realized when senior business leaders fully participate in the process." In other words, while companies might be moving in the right direction as it relates to security management, until the business side sees both the value of it, only so much will be accomplished. Tripwire’s findings are based on responses from 1,200 IT professionals.
Nonexistent Security Plans Despite the need for a security management program, 47% of IT professionals say that such a program hasn't been deployed in their company.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...