Gauteng Business News

Send  Share  RSS  Twitter  05 Dec 2011

INFOTECH: Companies Heighten Efforts to Manage Information Security


Recent Gauteng Business News

The vast majority of business and IT executives across industries are confident in the efficacy of their information security practices. 43% believe they have effective information security strategies and proactively execute their plans.

These were among the findings of the 2012 Global State of Information Security Survey®, the largest of its kind, conducted by PwC in conjunction with CIO Magazine and CSO Magazine.

“The survey of 9 600 business and IT executives from 138 countries, including South Africa, shows companies today have greater insights than ever before into cyber crime,” says Kris Budnik, head of PwC South Africa’s Information Security practice. “They are translating this information into investments focused on three areas: better incident detection and management capabilities, and tighter security of their web services – though there is a danger that these investments may not be adequate.

“This paints a different picture to that of a few years ago when almost half of all respondents couldn’t answer the most basic questions about the nature of security-related breaches.”

Confidence Increases in Information Security

Approximately 80% of survey respondents can now provide specific security-related information about the frequency, type and source of security breaches their organisations faced this year. More than seven out of ten feel confident, at some level, in the effectiveness of their organisation’s information security capabilities.

Budnik adds that while local representation in the survey was small, the survey’s findings closely mirror the situation in South Africa where companies grapple with the same security issues.

“Security is very resource-intensive and local companies tend to do more with less, but our level of awareness matches that of the rest of the globe,” he says.

Despite increased confidence around security, vulnerabilities keep multiplying and still require attention – especially given the many new dimensions of cyber crime,” says Budnik.

Information Security for Mobile Devices and Social Media

Mobile devices and social media represent a significant new line of risk – and a demand for management response. The survey showed fewer than 43% of respondents having a security strategy for employee use of personal devices and only a third having one for mobile devices and social media.

“While organisations are beginning to increase efforts to manage mobile and social media risks, these percentages are disappointing,” says Budnik. “Many organisations believe they are dealing with the issues simply by blocking the use of personal devices or limiting access to social media but, in doing so are losing out on significant advantages that these may bring to their business, including innovation, thought leadership and quick decision-making.”

Cloud computing has gained momentum, improving but also complicating the security landscape. More than four out of ten respondents report that their organisation uses cloud computing – 69% for software-as-a-service, 47% for infrastructure-as-a-service and 33% for platform-as-a-service.

The companies surveyed are split on whether their use of cloud technologies has weakened or improved security (54% of organisations say that cloud technologies have improved security). The largest perceived risk is the uncertainty in enforcing security policies with the service provider.

“Use of cloud services in South Africa follows similar patters and local companies share the same concerns,” says Budnik. “In my opinion, cloud computing enhances security. Because security is strategic to the delivery of the cloud service, providers pay more attention to it than would probably occur inhouse.”

Security-related risks associated with partners, vendors and suppliers have always been an issue but the latest survey suggests the situation is getting worse. While it is generally acknowledged that the most common source of security breaches are employees, not enough attention is paid to other classes of insiders such as business partners and suppliers. And, as many companies now invite customers inside their network, customers are becoming a potential source of threat as well for information security.

HBC-SolutionsBusiness Profilesohse-consultancyperfect-weddingspine-align

Online Foreign Exchange
Foreign Exchange


Fax 2 Email



Online Casino


Shop Online

Study IT
Study IT Online

Web design
Web Design


Work from Home
Company News


© 2020 All rights reserved.

Daily Newsletter Subscription


Subscribe to the Gauteng Business News Daily News and information email (it's free).

Thank You
Your email address has been added.

Email Address: