Published/updated: September 2008
by Jon Collins
Much has been written about the existence of various threats, internal and external, and vendors are only too quick to proffer solutions to the problems. But what really needs to exist for security to work? This report considers some of the more behavioural aspects of security best practice, such as the role of awareness, policy and communications.
IT security matters - but some organisations are doing better than others
While IT security is generally seen as important to our IT-oriented research sample, there is a general feeling that such aspects as the level of security awareness, and how seriously IT security is taken by business management, could be better. Such characteristics can be used to determine organisations that generally are ahead of the pack, and those who are lagging behind.
Leading organisations believe themselves to be better protected, and rightly so
In general, organisations that we have categorised as ’leaders’ believe themselves to be better protected than the ’laggards’. It is not always as simple as this when it comes to a reduction in threat levels, as it will tend to be those threats that are directly influenced by good security practices, that show the most marked improvements.
Having a comprehensive security policy is fundamental to good security practice
Organisations with a fully comprehensive, dynamic security policy are less likely to suffer security breaches such as web site defacement, or indeed theft. It is therefore no surprise to note that the more leading organisations are twice as likely to have such a policy in place than the sample as a whole. Equally notable is that organisations with outdated policies fare less well than those with no policy in place at all.
Communication between the business and IT is also important
Few would doubt that business risks should be prioritised as an input to implementing good security practice. There is a big difference of opinion between the leaders and the laggards however, concerning how important it is to communicate this information both to IT, and to the workforce. And indeed, such co-ordination has a tangible impact on risk reduction.
More progressive IT security organisations are deploying more complex tooling
IT security tools are in general bought more on the basis of simplicity than need - tools that are easy to cost-justify and deploy are far more likely to be in place than more complex tools. However, leading edge organisations are installing the more challenging tools. The lesson is not to install everything, but to review one’s own situation and make the necessary improvements that become apparent.
The research upon which this report is based was designed and interpreted on an independent basis by Freeform Dynamics. Feedback was gathered from 1,102 IT and business professionals during the online study, which was conducted in partnership with The Register.
This report is free of charge. Click above to download the PDF or view the interactive e-document.
If you experience any problems during this process please contact us at;
firstname.lastname@example.org or call +44 (0)1425 626501 / 620008
By Dale Vile and Tony Lock
It’s easy to be caught out by a cyber attack or internal mistake that leads to your customers’ data or important intellectual property ending up on the black market. Making sure your business is adequately protected and is able to respond effectively to a security incident ...more
By Dale Vile Tony Lock & Jack Vile
Application programming interfaces (APIs) have been around for decades. In the early days of IT they were primarily used to give programmers convenient access to libraries of prebuilt functions. As systems became more distributed, APIs found their place ...more
By Dale Vile & Jack Vile
The world we live in is increasingly digital. As the smart use of technology leads to markets speeding up and becoming ever more unpredictable, a strong set of established offerings and execution capabilities only gets you so far. Feedback from 1,442 IT ...more
By Dale Vile
Advances in digital technology create significant opportunities to transform both customer engagement and business operations. As the trends in these areas continue, feedback from 1,442 respondents in a recent survey highlight 10 key traits of the highest achievers. ...more
By Dale Vile
IT infrastructures are often coping pretty well with current business requirements, but many IT professionals are aware that new and changing needs will lead to future capability gaps. They also know that more of the same is not the answer ...more
By Dale Vile
In today’s fast-moving, information-intensive business environment, data management is more of a challenge than ever. Relying on manual processes and scripts, or ad hoc piecemeal automation, is not sustainable ...more
By Dale Vile
A perennial problem with storage is how to deal with escalating requirements in a smooth, manageable and non-disruptive manner. By removing many of the traditional limits on system expansion, Ceph based configurations ...more
By Dale Vile
Not so long ago, many were speculating that ‘Bring Your Own Device’ (BYOD) would define the future of end user computing. Most organisations today, however, see a role for both company and employee owned equipment to meet the wide and varied range of needs ...more