|
BIGGEST THREAT TO CORPORATE SECURITY COMES FROM WITHIN says Economist Intelligence Unit
New white paper on corporate security from the Economist Intelligence Unit, sponsored by Nortel Networks.
(PRWEB) October 20, 2003 --
BIGGEST THREAT TO CORPORATE SECURITY COMES FROM WITHIN - according to new survey and report from the Economist Intelligence Unit
Senior executives believe disgruntled employees are more likely to launch a deliberate attack on the company than kudos-seeking hackers, and security breaches usually arise from a failure of process rather than a failure of technology. These are among the key research findings published today in Testing the defences: facing up to the challenge of corporate security, a new white paper from the Economist Intelligence Unit sponsored by Nortel Networks*.
The paper, which includes a foreword from former mayor of New York Rudolph Giuliani, argues that while more companies are treating security as a priority, many have failed to introduce effective risk management and controls. In a survey of 178 senior managers around the world conducted as part of the research for the report, 68% of executives said they had not attempted to quantify the security risks their companies face.
"Business leaders are more aware of security dangers, but need to do much more to prepare. As the research in this report shows, companies should not be deferring an issue like corporate security merely because the threats are hard to quantify. Instead, CEOs and boards should be considering the future cost of failing to act today," says Mr Giuliani, Chairman and CEO, Giuliani Partners LLC.
The report also draws a number of conclusions for business leaders seeking to understand today's complex security environment:
| | - Executives struggle to measure and prioritise security risk. Even though 71% of companies conduct a risk analysis of their security environment once a year or more, 32% do not know the cost of security breaches. Contradictory responses to some survey questions indicate high levels of confusion and uncertainty amongst executives about the nature and impact of the security threats faced by their companies.
|
| | - Employees hold the key to corporate security. 57% of our survey respondents believe security breaches are more likely to be a result of accident than deliberate intent; 78% said breaches arise from a failure of internal process. Many companies do not have specific policies in place to tackle accidental leaking of sensitive data. Even where strong policies exist, training and incentives are required to ensure employees follow security procedures to the letter. The research suggests that the only way to protect the business is to build security into the corporate culture.
|
| | - Companies must deliver a co-ordinated response to a wide range of threats. Few companies currently have an enterprise-wide strategy that covers all the facets of corporate security. IT is only one part of the problem: companies urgently need to address other vulnerabilities throughout the organisation. The different security functions - IT, physical security, risk managers and human resources - need to work together more effectively to ensure this happens.
|
| | - Company boards are increasingly liable for security failings. New laws and regulations will make board-level executives accountable for preventable security breaches. Boards need to lead on security from the top, setting priorities and driving cultural change against a coherent business plan. Top executives will also need better information on the prevalence and costs of different types of business risk to meet their obligations.
|
"These findings make it clear that companies have a lot more to do if they want to fully protect their business. This is much more than an IT issue - security has to become part of the organisation's DNA," says Malcolm Collins, president, Enterprise Networks, Nortel Networks.
"Companies are investing more time and resources than ever before in corporate security, but they're still struggling to keep pace with a complex and fast evolving risk environment," says Daniel Franklin, editorial director for the Economist Intelligence Unit.
"Testing the defences: facing up to the challenge of corporate security"
is available free of charge from the Executive Briefing website (http://eb.eiu.com)
For further information please contact:
Economist Intelligence Unit
Sheila Allen +44 (0)20 7830 1010 or sheilaallen@eiu.com
Gareth Lofthouse: +44 (0)20 7830 1150 or garethlofthouse@eiu.com
About Nortel Networks
Nortel Networks is an industry leader and innovator focused on transforming how the world communicates and exchanges information. The Company is supplying its service provider and enterprise customers with communications technology and infrastructure to enable value-added IP data, voice and multimedia services spanning Wireless Networks, Wireline Networks, Enterprise Networks, and Optical Networks. As a global company, Nortel Networks does business in more than 150 countries. More information about Nortel Networks can be found on the Web at www.nortelnetworks.com.
About the Economist Intelligence Unit
The Economist Intelligence Unit is the business information arm of The Economist Group, publisher of The Economist. Through our global network of over 500 analysts, we continuously assess and forecast political, economic and business conditions in 195 countries. As the world's leading provider of country intelligence, we help executives make better business decisions by providing timely, reliable and impartial analysis on worldwide market trends and business strategies.
| | - Nortel Networks is a trademark of Nortel Networks.
|
END
Sheila Allen
Press Liaison
Economist Intelligence Unit
15 Regent Street
London
SW1Y 4LR
UK
Tel: +44 (0)20 7830 1010
Fax: +44 (0)20 7839 1466
email: sheilaallen@eiu.com
email: london@eiu.com
For global business intelligence, visit www.eiu.com
|
