TMT companies “treading water” when it comes to security and privacy
Deloitte global survey reveals need for increased security and privacy investment in the New Year
Technology, Media and Telecommunications (TMT) businesses must increase their security efforts and investments to keep up with threats, according to a global security report launched today by Deloitte. The report reveals business-wide operational and technical challenges among TMT companies who will struggle to meet basic security standards in 2008 and beyond.
James Alexander, technology security partner at Deloitte, comments:
“When it comes to security, the majority of TMT companies are managing to keep their heads above water. In the 12 months preceding the survey, the majority of companies successfully avoided a major security crisis, with 69% of respondents saying they are “very confident” or “extremely confident” about their organisation’s effectiveness at tackling external security challenges.
“However only a few increased their security capabilities to the point where they now feel as if they are ahead of the problem, with just 7% of TMT companies believing they are prepared for future security threats.
“Although security investments generally climbed over the past year, the increases were often just enough to offset the rising volume and complexity of threats. Only 5% of companies increased their security investment by 15% or more. And half allocated less than 3% of their IT budget to security.
“Something that many organisations overlook is the source of the threat. The most dangerous threats come from within, with 75% of companies citing “human error” as one of the root causes for security failures – putting it ahead of operations and technology.
“One of the most alarming results of the survey is attitudes towards customer data. News stories about the loss or theft of sensitive customer data are increasingly common place, and according to the survey incidents that make the headlines are just the tip of the iceberg. Only 53% of companies publicly disclose the loss of customer data, and many only do so in situations where disclosure is required by law. The risk of data loss is not going to go away and the potential impact to brand and reputation for TMT companies who store and process not only customer data but digital content is huge.
“Fortunately, many TMT companies are starting to focus significant attention to this area. Among respondents, 33% have assigned a dedicated executive for privacy issues and 72% have plans to establish a privacy program in the near future.
“The global survey also reveals a change in attitudes toward developing a governance framework around security. The number of Chief Information Security Officers (CISOs) appointed in the companies surveyed increased from 57% to 65% in the past year. This type of leadership to drive the information security governance framework reveals a long-term commitment to information security among global TMT companies who must focus on keeping ahead of the game”
Other key findings:
The global survey respondents included TMT companies from across all three sectors, 44 percent of whom employ between 5,000-50,000 employees and 47 percent of whom report revenue between US$1 billion and US$10 billion.
In this press release references to Deloitte are references to Deloitte & Touche LLP which is among the country’s leading professional services firms, providing audit, tax, consulting and corporate finance services. Deloitte & Touche LLP is the United Kingdom member firm of Deloitte Touche Tohmatsu (‘DTT’), a Swiss Verein whose member firms are separate and independent legal entities. Neither DTT nor any of its member firms has any liability for each other’s omissions. Services are provided by member firms or their subsidiaries and not by DTT. Deloitte & Touche LLP is authorised and regulated by the Financial Services Authority. The information contained in this press release is correct at the time of going to press.