Most It and information security executives believe their companies are keeping data safe and secure – but those rsy assessments don’t align with the ugly reality.
72% of 9600 respondents from around the world said they were confident in their organization’s information security capabilities, according to the 2012 Global State of Information Security Survey by PwC.
Companies need -An information security strategy -A chief security officer who reports directly to organizational leadership -An annual measurement and review process -An understanding of past security events.
Only 13% of all companies meet those requirements.
Identity Management Strategy 2009 48% / 2011 41%
Business Continuity/Desaster Recovery 2009 53% / 2011 39%
Annual Privacy Policy Review 2009 52% / 2011 39%
Dedicated Monitoring of Employee Internet Use 2009 57% / 2011 49%
Source: PM Network 1/2012