Visit Our E2 Forums |
Education |
Financial Services |
Government |
Healthcare |
Manufacturing |
Retail
|
||||||
![]() |
||||||
![]() |
||||||
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
![]() |
Information Security Strategy Lagging in IndiaSudha Nagaraj Bharadwaj, Journalist | 12/27/2012 |
The Global State of Information Security Survey, 2013 by PwC found that 75 percent of respondents in India as opposed to 45 percent of global peers expect their companies to increase spending on information security in 2013, but they’re probably spending it on the wrong things. ![]() The improved economic environment, business continuity, disaster recovery, and regulatory compliance are the main reasons for the increase in spending. Before CIOs spend their budgets, they should know that there are several potential issues with Indian CIO security habits revealed by PwC’s India specific report. While 45 percent thought they had all the attributes of an information security leader, the report found only 15 percent could say they had all of the following basic requirements for good security: an overall information security strategy; a chief security office (or equivalent); reviews of the effectiveness of information security practices within the past one year; complete knowledge of security events in the past year. While 80 percent were confident that their organizations had instilled effective security behavior in their work culture, the truth was entirely different. Only 32 percent actually incorporated information security into a project at inception. 29 percent brought it in at the design and analysis phase; 13 percent thought of it only during implementation; and one in six admitted that it was brought in on an as-needed basis. Most of them lacked an incident-response process to report and handle breaches at third-party sites and there was no compliance requirement for third parties regarding privacy policies. While there was a three-fold increase in reported security breaches -- mostly traced to employees -- the financial losses incurred showed a dip. A closer look has revealed that while a majority of companies count the loss of customer business, many of them neglect to factor in damage to brand and reputation, audit and consulting services, investigation and forensics, legal defense services, and costs of court settlements. So the dip is probably, in fact, a hump. The most disturbing trend, however, is the decline in the use of basic information security detection technologies and a relaxation of fundamental security principles. Companies have reduced use of malicious code detection tools, tools for spyware, and adware and intrusion detection tools. Use of tools for vulnerability scanning, security event correlation, and data loss prevention have also decreased. Policies defining backup and recovery, business continuity, user administration, application security, physical security, and management practices like segregation of duties have all seen a decline. Though India is one of the fastest growing mobile technology markets, adoption of security strategies for mobile (46 percent), social media (37 percent), and cloud (31 percent) are lagging. Interestingly, 52 percent of the respondents had a security strategy to address personal devices in the workplace, but only 38 percent had malware protection for mobile devices, indicating a lag between strategy and basic execution. The report paints a rather bleak picture of current Indian security practices. So it is a good thing that they are spending more. What are the lessons from these findings CIOs can use to make next year’s spending more meaningful? Clearly, CIOs or CISOs should:
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose. |
![]() |
![]() |
![]() |
More Blogs from Sudha Nagaraj Bharadwaj
Sudha Nagaraj Bharadwaj 5/13/2014
![]() Internet surveillance in India is turning really fierce. A Facebook transparency report reveals that the social network removed 4,765 pieces of content originating in India in the second ...
Sudha Nagaraj Bharadwaj 4/30/2014
![]() With the growing importance of enterprise data, big data, and the Internet of Things, the Indian CIO will be forced to wear the cap of the CDO as well. Though the Chief Digital Officer ...
Sudha Nagaraj Bharadwaj 4/25/2014
![]() The much-dreaded April 4 deadline for certification of imported electronic products in India has passed. The Department of Electronics and Information Technology (DeitY) had mandated that ...
Sudha Nagaraj Bharadwaj 4/18/2014
![]() India will soon offer reliable, affordable, and efficient cloud services for the private sector through a unique government-private sector joint effort. With an eye on helping the micro, ...
Sudha Nagaraj Bharadwaj 4/11/2014
![]() If you are a CIO hiring or planning to hire IT professionals for onsite projects in the US, you will have to wait to see if luck favors you this season. For the second year in a row, the ...
E2 IT Migration Zones
![]() Why PowerShell Is Important
Reduce the Windows 8 Footprint for VDI
Rethinking Storage Management
![]() SQL Server : 240 To de mémoire flash pour votre data warehouse
Quand Office vient booster les revenus Cloud et Android de Microsoft
Windows Phone : Nokia veut davantage d'applications (et les utilisateurs aussi)
![]() Cloud Computing: Warum Unternehmen trotz NSA auf die „private“ Wolke setzen sollten
Cloud Computing bleibt Wachstumsmarkt – Windows Azure ist Vorreiter
Like Us on Facebook
Site Moderators Wanted
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail:
moderators@enterpriseefficiency.com SPONSORED BY DELL
CASE STUDIES
![]() EBOOKS
![]() PUBLIC SECTOR RESOURCES
![]() VIDEOS
![]() ![]() ![]() ![]() WHITE PAPERS
![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() WINDOWS SERVER 2012 RESOURCES
![]() ![]() ![]() A Video Case Study – Translational Genomics Research Institute |
||
![]() |
||||||
![]() |
||||||
![]() |
||||||
|