Businesses recognise privacy issues says Ernst & Young


Businesses recognise privacy issues says Ernst & Young

Bill Goodwin

Businesses are only just waking up to the need to invest in data protection and privacy, according to a survey by Ernst & Young of 1,200 organisations worldwide.

The research shows that organisations are proactively identifying privacy and data protection as significant issues for the first time in the survey’s nine year history.

This is despite a growing number of high profile cases which have led to companies damaging their reputation by mismanaging personal data, said Richard Brown head of security risk services at Ernst & Young.

“Businesses are only just waking up to the dangers of having little or no privacy policy in place for managing sensitive data. The tipping point appears to be growing consumer awareness,” he said.

The survey found that compliance is the main driving force for companies implementing information security.

This had led to greater integration, with 43% of organisations saying their information security function is now part of their organisations' risk management function -  up from 40% in 2005.

But while many organisations are beginning to understand the scale of investment they need to make in their own organisations, they are still failing to manage third party risk. Around 55% of companies had no formal agreements in place with third party suppliers, for the second year running, putting them potentially at risk.

Gaps also remain in business continuity planning, the survey shows. Although most firms have plans in place, only half have tested them and less than half  have communication strategies in place, and one third have not agreed recovery times with the business.

“There are some strong challenges ahead for business and IT leaders in managing information security as supply chains become increasingly complex, people and technology more mobile, and businesses integrate outsourcing and third parties further into their models,” said Brown.

Comment on this article:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy