Businesses recognise privacy issues says Ernst & Young

Bill Goodwin

Businesses are only just waking up to the need to invest in data protection and privacy, according to a survey by Ernst & Young of 1,200 organisations worldwide.

The research shows that organisations are proactively identifying privacy and data protection as significant issues for the first time in the survey’s nine year history.

This is despite a growing number of high profile cases which have led to companies damaging their reputation by mismanaging personal data, said Richard Brown head of security risk services at Ernst & Young.

“Businesses are only just waking up to the dangers of having little or no privacy policy in place for managing sensitive data. The tipping point appears to be growing consumer awareness,” he said.

The survey found that compliance is the main driving force for companies implementing information security.

This had led to greater integration, with 43% of organisations saying their information security function is now part of their organisations' risk management function -  up from 40% in 2005.

But while many organisations are beginning to understand the scale of investment they need to make in their own organisations, they are still failing to manage third party risk. Around 55% of companies had no formal agreements in place with third party suppliers, for the second year running, putting them potentially at risk.

Gaps also remain in business continuity planning, the survey shows. Although most firms have plans in place, only half have tested them and less than half  have communication strategies in place, and one third have not agreed recovery times with the business.

“There are some strong challenges ahead for business and IT leaders in managing information security as supply chains become increasingly complex, people and technology more mobile, and businesses integrate outsourcing and third parties further into their models,” said Brown.

Comment on this article:

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy