The bad news: More than 76,000 security incidents were reported in the first six months of this year (only six thousand less than the reported incidents in all of 2002); fewer businesses rank security as high a priority as last year; and fewer plan to increase their spending.
The good news: Many companies think they've already invested in the fundamental security infrastructure they need; security tools have become more plentiful and more effective; and companies have more information and ways to fix vulnerabilities.
The gap: The threats are getting worse each day. The attacks are becoming "blended" and take advantage of multiple software vulnerabilities to wreak havoc on a system. So why then aren't companies making security a higher priority and investing more in protecting critical data, networks, and systems?
After poring through the data from the 2003 InformationWeek Research U.S. Information Security Survey and interviewing dozens of companies, George V. Hulme, senior editor, says he's surprised at how many companies still consider it a "grudge spend"—a necessary evil with little demonstrable value day to day.
In my early years at InformationWeek, more than a decade ago, there were many companies that felt that way about IT. They got squeamish about publicizing how much they spent on IT because that was a pricey capital expense designed to get something done. Fast forward to today, however, and the value of IT is phenomenal—businesses can't innovate without it, processes can't improve without it, and productivity can't increase without it. So, I'm hopeful that there will be a time when more business–technology executives feel the same way about security.
Stay tuned. In September, we'll bring you the results of our Global Information Security Survey.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.