In the 2011 Strategic Security Survey conducted by Information Week (IW) — findings seem to indicate that businesses are finally starting to understand that when it comes to security, everyone needs to pay attention. To that point, an article written by Michael Davis, IW contributing writer, does a fine job in citing particular findings to support that increased interest in security by C-level managemers.
As Mr. Davis points out, the survey also addresses a common complaint from security pros — i.e. top executives don’t consider security a priority. As one survey respondent comments, ” Upper management rarely considers the value of security — until an attack or breach occurs“. Survey results, however, seem to point to an encouraging movement around both levels of management buy-in and levels of adequate funding — long regarding as additional problems often facing security pros. And, as an answer to those concerns, the survey indicates that when asked what might increase their company’s vulnerability to attack, the number of respondents citing “budget constraints” fell by eight (8) percentage points compared to 2010.
Other survey results also seem to be very promising. For instance, both the CEO/owner and CFO are now showing an increased interest (involvement?) in security policy decisions as well as in levels of security $$ spending. In 2010, only 27% of CEO’s and presidents were said to be involved in security policy decisions; in 2011, it jumped to 34%. In 2010, 46% of CEO’s and presidents were said to be involved in security spending descisions; in 2011, it jumped to 52%. As for CFO’s , 56% are involved with security spending, according to the IW 2011 survey, up from 52% in 2010.
If security related issues are a major cocern or topic for discussion of your risk management or business continuity planning teams, then please recommend them to read more about the results of this strategic security survey.
Photo courtesy of blog.cenzic.com