$BlogRSDUrl$>
linking INTEGRITYIntegrity - use of values or principles to guide action in the situation at hand.Below are links and discussion related to the values of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the areas of security, privacy, technology, corporate governance, sustainability, and CSR. Survey: Regulatory compliance biggest driver of information security initiatives, 4.11.05
Computerworld
Regulatory compliance has emerged as the biggest driver of information security initiatives, trumping concerns such as worms and viruses for the first time, according to the results of a survey released Wednesday by Ernst & Young. [Download a copy of the Global Information Security Survey 2005. (pdf, 320kb) ]
At the same time, the survey said, IT organizations and information security groups are failing to take advantage of compliance-related concerns to rearchitect their security organizations.
"The sheer number of regulations and the consequences of not complying have brought information security into the boardroom," the report said. "Yet many organizations are missing the rare investment opportunities that compliance offers to promote information security as an integral part of their business."
In Ernst & Young's survey of 1,300 organizations worldwide, nearly two-thirds of respondents said compliance is the primary driver of information security at their businesses, followed by worms and viruses and meeting business objectives.
The results are surprising, given that 2005 has been an especially busy year for worms and viruses, said Rudy Bakalov, senior manager of security and technology solutions at Ernst & Young. "We are very happy that compliance with regulations has become such a high priority," Bakalov said. Even so, most information security organizations are continuing to focus on tactical issues rather than strategic ones, he said.
For example, nearly 90% of those implementing security measures to comply with regulations are focusing on issues such as policies, procedures training and awareness campaigns, he said. Only 41% are also reorganizing their information security function and their architectures as part of the compliance process, he said.
[...]
(0) comments
Archives07.03 08.03 09.03 10.03 11.03 12.03 01.04 02.04 03.04 04.04 05.04 06.04 07.04 08.04 09.04 10.04 11.04 12.04 01.05 02.05 03.05 04.05 05.05 06.05 07.05 08.05 09.05 10.05 11.05 12.05 01.06 02.06 03.06 04.06 05.06 06.06 08.06 09.06 10.06 11.06 01.07 02.07 03.07 04.07 07.07 08.07 09.07 10.07 05.08 06.08 |