PERSONAL FINANCE
+ Return to investing
+ US real estate
+ Post-work worries
+ More...
SMEs
+ Use your assets
+ Surviving in tough times
+ How CAs can add value
+ Entering foreign markets
+ Valuing small firms
+ Expanding the biz
+ More...
IFRS AND ISA
+ IFRS and Canadian GAAP
+ New auditing standards
+ Gauging ISA adoption
+ IFRS and audit firms
+ More...
TECHNOLOGY
+ ERP and PSA survey
+ BI/CPM survey
+ CRM survey
+ More...
WORKPLACE
+ Diversity in the profession
+ CSR is worth it
+ Health and productivity
+ Preventing fraud
+ Chronological resumes
+ Expense fraud on rise
+ Gen X, Gen Y
+ Meeting time-savers
+ Bonuses still top reward
+ More...
CA STUDENTS
+ Articling in industry
+ Destination: CA
EXPERTISE
+ Global transfer pricing
+ More...
Information security spending to climb
Despite tightening economies worldwide, 50% of companies surveyed are set to increase their information security budgets, Ernst & Young reports.
“A single security incident can destroy years of brand and reputation building,” says Kent Kaufield, Ernst & Young’s national technology security risk services leader in Canada. “Organizations now recognize security setbacks can adversely affect stakeholder perceptions. Regulatory compliance once drove information security improvements. Today, however, organizations are strongly motivated by a need to protect their brand and their reputation against potentially devastating media coverage of security breaches.”
Ernst & Young’s 2008 Global Information Security Survey found most respondents believe a security incident would have a greater impact on reputation and brand than on revenue. Eighty-five percent cited damage to reputation and brand as significant, compared with 72% for loss of revenue. Only 68% cited regulatory sanction.
“It’s crucial for organizations to spend their information security budgets wisely. It’s not enough to simply fund technical solutions such as encryption. Businesses need to develop training and awareness programs, and adopt more sophisticated testing techniques,” Kaufield says.
The survey canvassed nearly 1,400 senior executives in more than 50 countries. Only 5% of those surveyed plan to decrease their current information security budgets. Other key findings include:
- International information security standards are gaining greater acceptance and adoption.
- Many organizations still struggle to achieve a strategic view of information security.
- Privacy is now a priority, but actions are falling short.
- People remain the weakest link for information security.
- Growing third-party risks are not being addressed.
- Business continuity is still bound to information technology.
- Most organizations are unwilling to outsource key information security activities.
- Few companies hedge information security risks with cyber insurance.
