Compliance a major issue

News Analysis

Compliance a major issue

A survey on compliance and security by management consultancy Ernst & Young has demonstrated the lock that compliance has on the Boardroom’s mindset.

Despite this, organisations are missing the opportunity that this reliance on compliance offers to promote information security as an integral part of the business, according to Ernst & Young's annual Global Information Security Survey.

Nearly two-thirds of survey respondents - representing 1,300 global companies, government and non-profit agencies in 55 nations - said compliance with regulations such as Sarbanes-Oxley, or the Companies Act had become the main corporate driver of information security.

Yet, according to Ernst & Young, compliance has proved to be more of a distraction than a catalyst for information security when it comes to becoming strategically aligned within organisations. The gap continues to widen between the growing risks brought on by rapid changes in the global business environment and what information security is doing to address those risks.

In general, although awareness about information security has risen as a critical issue among boards and executive management, they continue to focus information security activities on operational and tactical issues, rather than addressing strategic concerns.

The survey also found that rapidly developing technologies such as voice-over IP telephony, open source software, and server virtualisation, which offer a future competitive advantage are considered to be a security concern only among 20% of organisations.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy