There is a growing need for organisations to take a proactive rather than reactive approach to enterprise information security using intelligent security capabilities to reduce risk, according to a study by Coleman Parkes Research, commissioned by HP.
According to the Security and Risk Management findings, while Australian organisations are becoming more proactive in their approach to security, more focus is being placed on reactive security measures.
Over half of the respondents said time and budget spend on reactive security outweighs investments in proactive measures. Fifty per cent said they currently had an information risk-management strategy in place, and 57 per cent manually consolidate information risk-management reports or do not measure risk at all.
Executives surveyed also expressed concern that new technologies present unfamiliar and complex security problems, with Cloud computing at the top of the list. At the same time, over three quarters of respondents believe that Cloud services can be as secure as on-premise datacentres. HP suggests that the problem is an education issue, rather than a technology issue.
There is some light at the end of the tunnel, though. Ninety-three (93) per cent of respondents said their organisations’ security leadership has a seat at the tablet with other C-level executives, and 78 per cent indicated they are exploring security information and event management (SIEM) measures.
Other key IT trends identified by executives that are adding complexity to enterprise security management include:
- Mobility - 90 per cent indicated difficulties in central device management while 68 per cent indicated that the proliferation of mobile devices increases the potential for data loss or theft.
- Big Data - 83 per cent of respondents cited difficulties protecting and consuming big data.
- Identity management - Respondents indicated that the biggest issues around identity management are data protection (85 per cent) and identity governance (75 per cent).
- Printer-based intrusions - Although data security is a priority, 85 per cent of respondents do not have printing security solutions in place, which makes them vulnerable to printer-based intrusions and misappropriation of printed documents.