Do Executives Take Security Seriously? Survey Says Yes. - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management
Commentary
5/28/2009
03:02 PM
Connect Directly
LinkedIn
Google+
Twitter
RSS
E-Mail
50%
50%

Do Executives Take Security Seriously? Survey Says Yes.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.

Our exclusive InformationWeek survey shows that IT and executives are on the same page when it comes to information security threats, policies and more.Asking a C-level executive if security is important is like asking a politician if they love America. Everyone knows the right answer is "Yes."

But what if you ask the IT professionals whether executives actually back up their politically correct answer with tangible support? We did, and the results surprised us.

According to our survey, 70 percent of IT directors say executives provide meaningful support of security operations. When we asked about examples of that support, 66 percent said infosec leaders get input into critical business decisions, and 57 percent say executives provide sufficient budget.

Frankly, these results surprised us. For one, when have you ever heard IT say it has enough money? For another, security professionals used to wander in the wilderness like Old Testament prophets, their message unheeded by the idolaters in the executive suite.

Why the change? Our survey provides some clues. For instance, both executives and IT directors said industry and government compliance mandates have the most influence on their organizations' security programs. The status of corporate compliance with regulations is the most common information that gets reported to executives.

Programs such as state breach disclosure laws, the Payment Card Industry Data Security Standard and HIPAA have raised the profile of information security because the failure to comply with these and other regulations have consequences that are felt all the way up to the boardroom.

In addition, a string of high-profile security breaches in the past three or four years demonstrate that data theft isn't a phantom menace. When brand-name companies fall prey to targeted attacks, executives notice. In fact, executives say the potential loss or theft of personal information is their top security concern.

The full report is available as a free download here(registration required). It includes all the survey results from 326 C-level executives and IT leaders. It also has our detailed analysis of the IT/executive relationship around security, more than twenty charts, and real-world insights from executives at Vanguard, CIGNA and other leading corporations.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Reflections on Tech in 2019
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  12/9/2019
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll