Security Survey Data Points
By Bob Violino
Issue date: Oct. 21, 1996
Some of the key findings of the fourth annual InformationWeek / Ernst & Young Information Security Survey:
- Slightly more than one-quarter of the organizations surveyed have no formal business continuity plan. Of those that do have a plan, 42% have never tested it.
- The number of companies that include centralized security administration, records management, external access, personnel security/nondisclosure agreements,
and business continuity planning in a corporate security policy decreased from 1995 to 1996.
- Also decreasing were the number of organizations using PC access-control software, secure modems, message authentication codes, single sign-on software, and PC hardware security devices.
- A huge majority of organizations have no information-security orientation program for employees. Nearly two-thirds have no security awareness program that provides periodic updates or reminders to employees.
- Despite the growing use of client-server computing for critical business applications, more than one-third of the organizations don't actively monitor use of their LANs and WANs.
- More than one-third of the respondents said their organizations don't monitor Internet activities.
- About 60% of the organizations have no incident-response plan when an intruder is detected in their network. And 73% have no formal incident-response team.
Return to " The Security Facade "
http://www.informationweek.com
This Week's Issue
Technology Whitepapers
- Mobile BI: Actionable Intelligence for the Agile Enterprise
- Creating the Enterprise-Class Tablet Environment - by Yankee Group
- How To Regain IT Control In An Increasingly Mobile World - by BlackBerry
- Red Alert: Why Tablet Security Matters - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
