Companies still neglecting security, warns PwC

Companies still neglecting security, warns PwC

Despite security topping most IT managers list of priorities, companies are still not spending enough to protect themselves and remain reluctant to report breaches.

Link: Protecting your company’s digital assets

That is the conclusion of the fifth annual Global Information Security Survey carried out by PricewaterhouseCoopers for Accountancy Age’s partner magazine Information Week.

GISS questioned IT managers and security professionals at 8,100 sites worldwide. More than 3,000 of those were Computing readers in Europe and the UK.

Almost two thirds of respondents said information security is still a fundamental concern, yet many admit to not knowing how much breaches cost, not reviewing security policies and not reporting breaches to law enforcement agencies.

The security spending boom has yet to materialise with the majority of companies spending less than $500,000 a year, with Europe behind the US.

Security breaches were recorded at 66% of the worldwide sites in the past year, but almost half of European organisations said they had no idea how much those attacks cost them.

The biggest source of attacks, according to the organisations surveyed, is external hacking which rose from 46% in 2001 to 55% this year.

Internal sources, such as employee misuse or disgruntled staff accessing unauthorised areas of the network, have declined year-on-year to 50 per cent.

Yet most companies are still afraid of the damage to reputation to report those attacks to the police, with 53% of European organisations not reporting breaches.

Businesses are increasingly adopting staff awareness programmes on security combined with technologies such as virtual private networks to secure data, according to GISS. Yet a quarter have neither reviewed nor measured the effectiveness of their corporate security policy in the past year.

Viruses remain the most common type of security breach, accounting for 44% of incidents – down slightly from 2001.

This drop is due to the increased vigilance of IT managers in updating anti-virus software, according to GISS.

Security technology is the biggest factor in businesses discovering attacks with firewall logs and intrusion detection systems coming ahead of alerts from colleagues.

Share

Subscribe to get your daily business insights

Resources & Whitepapers

Why Professional Services Firms Should Ditch Folders and Embrace Metadata
Professional Services

Why Professional Services Firms Should Ditch Folders and Embrace Metadata

3y

Why Professional Services Firms Should Ditch Folde...

In the past decade, the professional services industry has transformed significantly. Digital disruptions, increased competition, and changing market ...

View resource
2 Vital keys to Remaining Competitive for Professional Services Firms

2 Vital keys to Remaining Competitive for Professional Services Firms

3y

2 Vital keys to Remaining Competitive for Professi...

In recent months, professional services firms are facing more pressure than ever to deliver value to clients. Often, clients look at the firms own inf...

View resource
Turn Accounts Payable into a value-engine
Accounting Firms

Turn Accounts Payable into a value-engine

3y

Turn Accounts Payable into a value-engine

In a world of instant results and automated workloads, the potential for AP to drive insights and transform results is enormous. But, if you’re still ...

View resource
Digital Links: A guide to MTD in 2021
Making Tax Digital

Digital Links: A guide to MTD in 2021

3y

Digital Links: A guide to MTD in 2021

The first phase of Making Tax Digital (MTD) saw the requirement for the digital submission of the VAT Return using compliant software. That’s now behi...

View resource