Enterprises ignoring data security and privacy

Powered by SC Magazine

Technology, media and telecoms (TMT) firms are "treading water" when it comes to data security and privacy, new research warns..

A Deloitte global survey published today found that only 53 percent of TMT companies report losses of customer data.

The study warned that these firms must increase their security efforts and investments to keep up with the latest threats.

James Alexander, technology security partner at Deloitte, said: "When it comes to security, the majority of TMT companies are managing to keep their heads above water.

"In the 12 months preceding the survey, the majority of companies successfully avoided a major security crisis, and 69 percent of respondents were 'very confident' or 'extremely confident' about tackling external security challenges.

"However only a few increased their security capabilities to the point where they now feel as if they are ahead of the problem; just seven per cent of TMT companies believe that they are prepared for future security threats."

Alexander added that, although security investments have climbed over the past year, the increases were often just enough to offset the rising volume and complexity of threats.

Only five percent of companies increased their security investment by 15 per cent or more, and only half allocated less than three per cent of their IT budget to security.

"Something that many organisations overlook is the source of the threat," Alexander warned.

"The most dangerous threats come from within, and 75 percent of companies cited 'human error' as one of the root causes for security failures, putting it ahead of 'operations' and 'technology'."

One of the most alarming results of the survey is attitudes towards customer data. News stories about the loss or theft of sensitive customer data are increasingly commonplace, and incidents that make the headlines are just the tip of the iceberg.

"Only 53 percent of companies publicly disclose the loss of customer data, and many do so only in situations where disclosure is required by law," said Alexander.

The research suggests that only 38 percent of companies believe that their organisation has all the skills and capabilities it needs to respond effectively and efficiently to security challenges.

Additionally over two-thirds of companies do not track losses of customer data at all, and even fewer (32 percent) have performed an inventory of personal information.

The global survey respondents included TMT companies from across all three sectors, 44 percent of which employ between 5,000 and 50,000 employees and 47 percent of which report revenue between US$1 billon and US$10 billion.

Copyright ©

Enterprises ignoring data security and privacy
Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
I DON'T support shutting the OAIC.