Feature
News
7/12/2007
09:45 PM
Connect Directly
RSS
E-Mail
50%
50%

China's Evolutionary Leap

When it comes to security, the country has no time to waste.

Chinese organizations are only just starting to break through the early stages of information security, despite the country's intensifying participation in the global economy.

InformationWeek's Global Information Security survey illustrates their high level of risk exposure. It also suggests that Chinese organizations, given the level of attacks on their systems, may not have the luxury of plodding through the usual "evolutionary process" of developing IT security.

China's experience is different from that of U.S. companies 15 years ago. The demands of the global economy compel China to rapidly adapt to advanced international standards. Fortunately, Chinese organizations are accelerating their pace of security development in an effort to be seen on the international stage as secure and in control.

For instance, the average percentage of IT budget spent on information security in China is 19%, compared with 12% in the United States. That's an astonishing figure.

The survey responses of both U.S. and Chinese companies reinforce what Accenture clients are saying. They're asking for advice in assessing IT security risk, reducing security complexity, and measuring security's value, factors that support the business case for security spending.

Within those three areas, China's focus appears to be largely on basic infrastructure. This isn't surprising, as organizations must start somewhere. China has the benefit of learning from the experiences of U.S. companies as they advance into the areas of security automation and simplification. As the United States recognizes the need for more limber IT systems to handle fast-changing processes and opportunities, China is adapting as well.

Our survey underscores that many Chinese companies are already beginning to learn the lessons others have learned elsewhere. In earlier years, security tended to be a bolt-on afterthought. A bank decided to add a customer service, for instance, and only after establishing the new service did it figure out how to secure it. Chinese companies now say, "We need a new service, and as part of that service, what will be the security experience?" The security is being designed up front.

China is at the stage of acquiring point solutions for security. Eventually, the sheer volume of such fixes makes them impossible to manage. If Chinese organizations properly assess risk and institute strategic security measures rather than continue with a patchwork approach to vulnerabilities, they may be able to leapfrog the evolutionary process. High-performance security is particularly critical in adopting cutting-edge technologies such as wireless applications and service-oriented architectures.

As organizations move beyond fragmented, piecemeal approaches, they can embed security into business processes, thereby providing better integration, automation of manual processes, and improved management and monitoring capabilities. Chinese organizations realize that to enjoy the fruits of such high-performance security and become truly international, they'll have to intensify their adoption of international security standards.

Illustration ©2007 Brian Stauffer c/o theispot.com

Return to the story:
IT Security: The Data Theft Time Bomb

View charts:
IT Security: Still A Daunting Task

Buy the report:
2007 InformationWeek/Accenture Global Information Security Survey

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.