Archive for January, 2008

10th Global Information Security Survey by Ernst & Young

The 10th Annual Ernst & Young Global Information Security Survey has been released and it reveals that companies are still failing to implement a holistic approach towards Information Security as the security function remains too isolated from executive management and the strategic decision-making process.

Below are highlights of the survey results:

-Meeting business objectives is a growing focus of information security.

-Information security is now more integrated into overall risk management.

-Information security remains isolated from executive management and the strategic decision making process.

-Improving IT and operational efficiency are emerging as important objectives.

-Compliance continues to be primary driver of information security improvements.

-Privacy and data protection have become increasingly important drivers of information security.

-Organisations rely on audits and self-assessments to evaluate the effectiveness of their information security programs.

-Organisations are demanding more from vendors and business partners in managing third-party relationships.

-The greatest challenge to delivering information security projects continues to be the availability of experienced IT and information security resources.

Click here to download the survey.