The 10th Annual Ernst & Young Global Information Security Survey has been released and it reveals that companies are still failing to implement a holistic approach towards Information Security as the security function remains too isolated from executive management and the strategic decision-making process.
Below are highlights of the survey results:
-Meeting business objectives is a growing focus of information security.
-Information security is now more integrated into overall risk management.
-Information security remains isolated from executive management and the strategic decision making process.
-Improving IT and operational efficiency are emerging as important objectives.
-Compliance continues to be primary driver of information security improvements.
-Privacy and data protection have become increasingly important drivers of information security.
-Organisations rely on audits and self-assessments to evaluate the effectiveness of their information security programs.
-Organisations are demanding more from vendors and business partners in managing third-party relationships.
-The greatest challenge to delivering information security projects continues to be the availability of experienced IT and information security resources.
Click here to download the survey.