2010 TMT Global Security study
Following last year’s widespread cost-cutting initiatives due to the global economic downturn, technology, media and telecommunications (TMT) organization’s spending on security appears to be bouncing back―albeit modestly―in anticipation of renewed economic growth. The key question is whether these relatively small budget increases will make up for the ground lost during the recession.
The study is based on in-depth research and detailed interviews with nearly 150 TMT organizations around the world. This year’s research has been part of a global, cross industry program which has provided new and valuable insights about security in the TMT industry as compared with other industries.
Senior professionals in Deloitte’s Information & Technology Risk Services practice conducted focused discussions with information technology executives of leading global technology, media and telecommunications organizations.
Key findings of the survey:
At the time of the 2009 Global Security Study, the economy was in the deepest depths of a global recession and organizations were reviewing and cutting costs everywhere they could–including security.
The damage done by last year’s budget cuts is reflected this year in respondents’ responses: 57 percent of organizations polled believe they are falling behind or still catching up in dealing with security threats. Only one-third of the respondents believe they are “on plan”–compared with 60 percent in the 2009 study.
- Cloud computing could fundamentally change how IT services are delivered–but only if its security and privacy challenges can be resolved.
- Combating organized crime: Information security is now an issue of national security.
- Security in mergers and acquisitions: The right approach to information security can improve business agility.
- Maintaining trust online: Organizations need to protect their digital assets in a world where thieves and cheats are just a click away.
- Nature versus nurture: Internal security risks and human error can never be entirely eliminated. But with the right combination of training and data protection, they can be reduced to manageable levels.
- Weak links: To ensure a high level of security across the entire value chain, technology, media and telecommunications organizations must take an active role in identifying and verifying that their partners’ capabilities and controls are up to the challenge.
- More than IT: Information security is being recognized as a business issue, not just an IT issue.