TechnologyAccounting SoftwareSecurity spending still not a priority

Security spending still not a priority

Despite investing vast amounts of money to protect their networks from hacking and viruses, companies are still not tracking the return on their IT security spending, according to a new report from analyst IDC.

Link: IT Decisions – Security

Only 13% of the 100 chief information officers, chief technology officers and IT directors surveyed tracked the costs and returns on their security purchases, despite nine out of ten of the executies rating it in their top five priorites – and a shade under 40% as their top IT priority.

But while security is considered important, only 15% of firms regard it as a business investment in risk management.

‘There’s still a problem with attitude,’ said Gordon Morris, analyst at IDC.

‘Security is a bit of a head-in-the-sand issue. Most board members don’t come from an IT background and aren’t used to operating in this way. They see IT security as a business cost, or as one person said a necessary evil.’

IDC added that attitudes are changing at board level as IT managers learn to demonstrate the prudence of risk management tools – although many still find building a realistic picture of IT security return on investment problematical.

Rather than comparing the cost of hardware and software with the cost of a breach in security, companies should look at the larger business benefits involved, IDC said.

‘Risk management assessments are becoming an an increasingly important way of measuring a company’s success due to the growing focus on coporate governance and management accountability,’ said Morris.

‘It is true that ROI of security investment may never be known,’ the report concludes.

‘By working with risk management, though, some form of value can be understood and communicated. By measuring the effectiveness and value of IT security investment, a platform for providing a meaningful IT security platform can be achieved.’

Companies looking to manage their risk are increasingly passing the problem onto third parties, either by outsourcing or moving into partnership with specific security vendors, the report said.

IDC also warned vendors that while risk management was now the key factor in most purchase decisions, scare stories about viruses and other malware was least effective tool in persuading companies to set a firm security policy.

Related Articles

Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

3w Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

5m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

5m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

7m Alia Shoaib, Reporter
The rise of the progressive accountant

Accounting Software The rise of the progressive accountant

8m Emma Smith, Managing Editor
Making Tax Digital: Revolution or revolt?

Accounting Software Making Tax Digital: Revolution or revolt?

8m Emma Smith, Managing Editor
Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

Accounting Software Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

8m Emma Smith, Managing Editor
Four reasons why SME owners should switch to cloud accounting

Accounting Software Four reasons why SME owners should switch to cloud accounting

9m Emma Smith, Managing Editor