All the latest UK technology news, reviews and analysis
|
|
|
09 Nov 2009
The actions of former employees are posing an increasing risk to companies, according to a new study.
Researchers from Ernst & Young said in the firm's annual Global Information Security Survey that as more companies are forced to cut staff, information theft and destruction at the hands of former workers is becoming an increasing risk.
"With the economy still in recession, employees who are made redundant may feel resentful towards their previous employer in a number of ways that may affect the smooth operation of an organisation," said Ernst & Young IT risk advisory partner Richard Brown.
"Increasingly, the employer’s IT system has become a common target and data theft is also prevalent."
Further complicating matters are the budgetary constraints being placed on IT departments as a result of the economic crisis. As the risk from security threats increases, IT managers are being forced to provide tighter security with less money.
The study found that 52 per cent of companies surveyed said that they would not be able to increase spending on information security.
Adding to the pressure on security budgets are new regulations that bring additional compliance costs, the study found. Some 55 per cent of firms surveyed said their compliance costs had increased.
"Information security today already requires a lot more investment, as organisations race to catch up with an accelerating threat landscape, after a much delayed start," said Brown.
"However, information security is not immune to external economic forces and senior IT professionals will need to improve efficiency and effectiveness while keeping spending to a minimum."
Latest stories from Finance
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Application Security SME, Penetration Tester / Ethical...
Java Developer Thomas Cook Online is the business unit...
Contract Systems Administrator, Southampton My...
PHP Web Developer required to join my market-leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Gambling with data security is riskier than most realise
Companies that cut spending on data governance are all too often gambling with the very data they need to protect. Reducing capital expenditure, on both the staff and technology that manages data governance, often leads to a significant lag time between an employee leaving a company and their email, SharePoint and other key user accounts being terminated. Known as ?Zombie Accounts?, these active credentials leave organisations exposed to significant risk. Data can be lost, stolen or tampered with while a company?s brand can be irreparably damaged by a data loss or theft. Restructuring a company?s headcount increases the risk of disgruntled ex-employees or opportunistic ?dustbin raiders? exploiting Zombie accounts for both financial gain and malicious purposes. As the report identified, failure to safeguard confidential internal and customer data can expose a company to a multitude of regulatory and legal challenges, particularly if any subsequent investigation finds that reasonable steps were not taken to safeguard such data because spending on and attention to data governance had been reduced. This is not to say that you can?t reduce your expenditure on data governance, many organisations have successfully done done this without compromising governance and compliance, but this has been achieved through considered and planned deployments of technology with efficiency and longer-term cost saving in mind. For this reason, investment in data governance cannot be reduced for short term budget reasons alone. According to the Ponemon Institute, the average total cost of a data breach ranged from £84,000 to almost £3.8 million, with an average of £47 per record compromised. The cost of a data breach for financial services companies is usually 17 percent higher than other business types, at £55 per record compromised. If you think the cost of data governance is expensive, look at the overall cost to a business of a data breach. Stuart Hodkinson, UK general manager, Courion
Posted by: Stuart Hodkinson, UK general manager, Courion 10 Nov 2009