All the latest UK technology news, reviews and analysis

Lacklustre security making corporate data easy prey for hackers

29 Oct 2012
Security padlock image

A lack of skilled IT staff and poor security measures is putting companies' valuable corporate data at risk, according to consultancy firm Ernst & Young.

Ernst & Young made the claim based on the findings of its 2012 Global Information Security Survey, which polled 1,850 chief information officers, and other information security executives across 64 countries.

The study raised some alarming findings, including that although 77 percent of individuals said their firm now uses cloud computing services, 20 percent have no specific security measures in place to protect their data.

Of those that do have systems in place, the report found that 64 percent are using outdated systems that are ill-equipped to deal with modern cyber threats.

"What you have is a basis where companies are setting up to use cloud services, but they're not being configured or specified for security controls in the way they would be if they were being set up and controlled by IT," Ernst & Young director of information security, Mark Brown told V3.

"This means many companies are not getting the full security requirements necessary to make them safe so there are concerns over their use."

The news is doubly troubling as 88 percent of the polled UK companies reported detecting a marked increase in the number of external attacks targeting their networks.

Despite the alarming figure, Brown was quick to note that paper's findings did have some positive connotations, indicating businesses were at least aware of the problem.

"I think there is a higher risk in the threat landscape and there is an increased threat of cyber attack, but I also think it's to do with awareness," said Brown.

"If you look at the number of high profile cyber attacks and security incidents over the past 12 to 18 months there is a rising awareness among businesses about what is going on.

"So the 88 percent is indicative of a higher level of awareness, following through so that incidents that previously were happening but weren't reported are now being followed through and raised and managed."

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Senior IS Compliance Analyst (Risk Assessments) - Growing area

Senior IS Compliance Analyst / Risk Analyst (Risk Assessments...

Web Designer / UI Front End Developer - Opp in new department!

Web Designer / UI Front End Developer (HTML(5), CSS...

Senior Product Manager x2 (Online & Web Platform) - Global Org

Senior Product Manager x2 (Online, Software & Web...

Senior Web Developer / OO Software Engineer (Learn Ruby!)

Senior Web Developer / Software Engineer (Opportunity...
To send to more than one email address, simply separate each address with a comma.