Wednesday, May 27, 2009

Security: Reductions in spending by TMT firms raises concerns of increased vulnerabilities

[all africa] COMPANIES in the technology, media and telecommunications industries significantly reduced investment in security spending last year.

Social media tools and regulatory issues were areas of concern for businesses. These are some of the findings of a new global report released by Deloitte yesterday.

The study was based on in-depth research, mostly in-person, with more than 200 technology, media and telecoms companies around the world in every major region, including Europe, North America, Africa, the Middle East, Japan, Latin America and the Caribbean.

"This year's results indicate companies are explicitly scaling back, which is having a detrimental impact on all aspects of technology, media and telecommunications (TMT) security," said Reinhardt Buys, a senior technology lawyer at Deloitte Legal in Johannesburg.

"Many companies that underinvest in security now find themselves vulnerable and unable to keep pace with the growing threats from increasingly sophisticated attacks and emerging technologies ."

The research disclosed that 32% of companies had reduced their information security budgets, while 60% of organisations believed they were "falling behind" or still "catching up" to their security threats, a significant increase from 49% the previous year.

The survey also indicated that declining security investment was hindering the adoption of new security technologies, with only 53% of companies considering their organisations to be early adopters, or part of the majority. While social networks, such as Facebook and Twitter, and blogs could be powerful enablers, they also increase companies' internal security challenges.

The results of the study showed that "exploitation of vulnerabilities in web 2.0 technologies" and "social engineering" techniques such as pretexting and phishing were regarded as a threat to a company's information security, with more than 83% and 80% of companies respectively.

According to Buys, the study confirmed, once again, that the biggest security risks were negligent and disgruntled staff members.

"Information and intellectual property are the lifeblood of a TMT company," Buys said. "Protecting these precious assets, often in open and collaborative business environments, must be the imperative for organisations."

The survey disclosed that less than half of the companies surveyed (47%) had a privacy programme in place, and only 44% had an executive responsible for privacy.

Buys said: "Companies that underinvest in security now may find themselves exposed when the economy recovers."

He said business would be well advised to outsource specialised security needs such as forensics, legal support and regulatory compliance.

Cuts in Security Spending May Prove Costly - Deloitte Study

No comments: