You are here > Home > News
Businesses 'aware of IT security risks posed by emerging tech'
IT News |
Companies across the UK increasingly recognise the threats posed by current technology trends and are taking steps to improve their IT security, according to Ernst & Young.
The Big Four firm's Global Information Security Survey 2010 found that businesses are taking steps to protect their IT, however keeping pace with emerging threats and risks is increasingly difficult in today's highly connected, virtual business world.
Development of technologies such as cloud computing, social media, mobile devices such as smartphones and Web 2.0 has created a host of new dangers, the company stated.
And while 46 per cent of survey respondents indicated that their annual investment in information security is increasing, Ernst & Young claimed that this alone is no guarantee of success.
"Companies must also establish more comprehensive IT risk management programs that identify and address the risks associated with new and emerging technologies," the firm stated.
"Take an information-centric view of security, which is better aligned with the organisation's business and information flows."
At present, just 30 per cent of organisations have an IT risk management program in place that is capable of addressing immediate threats, the survey revealed.
Ernst & Young said that specific measures should be taken to guard against data leaks in mobile computing, with investment in encryption, and identity and access management services increasing.
This should focus on the people who use the technology, rather than the IT itself, the report said.
"Information security policies should be reviewed and adjusted appropriately to establish the acceptable use and any specific restrictions related to mobile computing devices," Ernst & Young added.
The firm also urged companies to increase security awareness training activities for the mobile workforce, ensuring employees are fully aware of the inherent dangers.
Last month, the Information Commissioner's Office handed out the first two monetary penalties for organisations acting in breach of the Data Protection Act.
Hertfordshire County Council was fined £100,000 following two serious incidents where council employees faxed highly sensitive personal information to the wrong recipients.
Employment services company A4e received a £60,000 penalty after the loss of a laptop containing sensitive and unencrypted personal information.
Posted by Jon Aspinell
IT Recruitment Agency - 12.5% Fee / 3 Month, 100% Rebate - Transparent Recruitment Fees Since 1999.
Sign up to our e-newsletter service to receive our headline news directly to your inbox