Firms failing on data sharing

Firms are acting to secure sensitive data, but third party risks remain

Written by Phil Muncaster

IT Week, 14 Nov 2006

Over half of organisations are failing to manage the risks of sharing data with third parties, although many are now investing in securing the capture and storage of sensitive data, according to a new global survey by consultancy Ernst & Young.

The firm's Global Information Security survey of 1,200 public- and private-sector organisations in nearly 50 countries found that more than three-quarters cited privacy and data protection as a significant issue, with 52 percent addressing privacy and data protection with formal procedures.

Advertisement

"It's been an issue for years but it has been done in an ad-hoc way through point solutions," explained the firm's UK head of Technology and Security Risk Services, Richard Brown. "What's caused that is a combination of consumers being more savvy in that area, and organisations getting on top of segregation of duties and securing data."

He added that although many firms are now taking "a good solid risk management approach" to data security, it is becomingly increasingly important to have disaster-recovery processes underpinning that. But only half of respondents said they actually tested their plans while only 46 percent said they have communication strategies in place.

Another major finding of the survey was the lack of formal agreements with third-party suppliers for secure data-sharing in just over half of firms. Brown argued that this is because contracts are often set up without the input of the CIO, who should enforce compliance with corporate standards over data security.

Donald Massaro, chief executive of secure messaging specialist Sendmail, agreed that firms are now taking data security a lot more seriously, driven by compliance to new legislation and high-profile data breaches.

"It has reached a tipping point in the States and the Californian [data breach notification] law has put some teeth on it," he explained. "Also, losing intellectual property is a violation of Sarbanes Oxley; it's all high visibility stuff that has the attention of [C-level executives] and it's moving over into Europe."

Tags:

Comments

Have your say on this article

White papers

Related jobs

More Accounting jobs

Most read

Most commented

Special Reports

Latest

Spotlight

Andrew Higginson, Tesco Personal Finance

Profile: Andrew Higginson, CEO of Tesco Personal Finance

He’s spent more than a decade at the top of...

Top 30 Accounting Networks and Associations 2008

The race to become the biggest firm on the planet...

Barack Obama Accountancy Age cover October 2008

Obama: asset or liability?

What an Obama presidency could mean for you

Find your next job

Find your next job
Salary Checker

Job of the week

More finance jobs

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Your next job

Have your say

THE BIG QUESTION: TAX CUTS
Will proposed tax cuts help to stimulate the economy?
Yes
No

Advertisement

Search white papers

Search white papers

Advertisement