Security risk management processes remain a significant challenge for UK businesses, according to security firm nCircle, which this week announced the results of its annual Risk Management Trends Report.
The UK study found that compliance reporting and reducing network security risk was again voted the most important issue by 60 per cent of CIOs and IT directors, although 46 per cent cannot say if security risk is increasing or decreasing over time.
When asked about their ability to measure and report on network security risk, 51 per cent said they were able to accomplish this, but this means almost half are still not. Worryingly, 38 per cent of financial services companies, responsible for handling consumer data, admit to being unable to measure network security effectively.
A significant 20 per cent of these senior IT professionals also do not know if they can perform this basic level of reporting.
In terms of reporting, 45 per cent of respondents said their companies take longer than a month to compile information for regulatory compliance, despite this being the top priority for 25 per cent of organisations. nCircle’s research also shows that UK companies are still falling far short of best practice, a worrying 30 per cent of respondents could not say with confidence how long it takes to compile compliance data.
Kevin Lamb, director of EMEA operations at nCircle, said: “CIOs and IT directors who embrace the benefits of effective security risk management reporting will create better, faster and safer businesses. As well as the direct positive impact on business risk, organisations stand to benefit from reduced operational and compliance audit costs. Clearly, a company that has real-time information has more risk control and higher efficiency levels than one that is taking three months to compile data.”
Almost half the companies, 45 per cent, said that better end-user attitude would make the biggest impact on improving security. “Often technology’s weakest link is end-user education and attitude. IT departments must take up the role of security ambassador in their organisations and find a way to talk to end-users meaningfully – metrics are a way to make security and risk management tangible and understandable for all,” Lamb said.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago