Feeds

IT Security: Podium place or first round shame?

The Reg Readers have spoken

  • alert
  • submit to reddit

Boost IT visibility and business value

Tech Panel The results of our Security Poll are in, and like medal-toting 'Team GB', they show that being game counts a lot. The entire report is now available for consumption over in our whitepaper library - grab your very own copy today.

A big thanks to the 1,100 fine folk who took part in the poll, the warm up to our forthcoming Security Debate in September. You told us straight up that IT security remains an important issue. However, it’s clear that between organisations, IT security practices vary considerably.

In fact, leaving technology aside and concentrating on some behavioural and attitudinal attributes highlighted some serious differences. We separated out the two extremes: organisations scoring very high or very low on levels of security awareness and availability of training, and how seriously IT security is taken by senior management, the workforce and the IT department. Then we compared the socks off them.

So was it worth it? Yessirree.

Broadly speaking, the leader group considers itself to be much better protected against a range of security threats. There’s a certain level of confidence generated by being up for it, it seems.

But does it make any actual difference? Well, yes, especially in more complex risk areas such as website defacement or corruption, where we found the laggards to be three times more likely to suffer.

Continuing the leaders and laggards theme, a number of other ‘good behaviours’, in policy, communication and tooling became clear.

While IT security policy across the sample is all over the place, leaders are twice as likely to have a comprehensive policy in place. When it comes to tools in use, it seems that being up for it includes being far more likely to be getting to grips with some of the more complex IT security solutions – vulnerability testing, intrusion protection, event management and behavioural analysis - to name a few.

But what spark, or otherwise, separates the leaders from the rest?

A big clue lies in the degree of communication. You’ll like this, because it supports the ‘we’re not bloody mind readers’ angle that IT often has to take with the business. Essentially, the leaders understand that IT isn’t a bloody mind reader, and have thus got better at prioritising the risks their businesses face, and at communicating them to IT. Furthermore, they are streets ahead when it comes to communicating all this to the workforce. These rather simple capabilities could be a fundamental reason for the chasm between the effectiveness of the leaders and the laggards.

Ultimately, it will always be worth reviewing the IT security situation in any organisation and determining what improvements can be made. This is particularly true when it comes to communication, as time and again we see that ‘the threat within’ ranks higher as a risk factor than any other issue.

Whether you feel like a leader, laggard or inbetweener, if you have something to learn or something to share, sign up for the Security Debate 24 Sept and come and have your say.

In the meantime, our shiny new report based on the findings from the study will further whet your appetite, so grab a copy today. ®

The Power of One Brief: Top reasons to choose HP BladeSystem

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Sonos AXES support for Apple's iOS4 and 5
Want to use your iThing? You can't - it's too old
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
Joe Average isn't worth $10 a year to Mark Zuckerberg
The Social Network deflates the PC resurgence with mobile-only usage prediction
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.