Information Security in 2018
Information and growth are intertwined as business become more reliant on the benefits of the cyber world. Security of information is an essential part of corporate operations, but sadly, most companies are lagging behind in drafting and implementing strategies needed to secure their data. For companies to compete favorably in the modern business environment, the leaders must take measures to protect the entities against cyber risks more so become resilient against cyber-attacks that have cascading disruptive effects on business operations.
State of Information Security
Every year, PwC takes a study on the state of information security, and the study involves over 9,000 CFOs, CEOs, CISOs, CSOs, VPs, CIOs, and directors of IT and security departments from over 120 countries. The Global State of Information Security 2018 delves into the practices that companies are undertaking as well as the innovations in information security. The survey further places focus on the people in charge of security, security funding, as well as the plans for securing data in the future. It also goes in to look at the tech trends that security managers grapple with, and the implication of corporate espionage.
Personnel In Charge of InfoSec
According to the survey, many of the respondents are not sure about how companies structure themselves about the personnel in charge of InfoSec and the threats it poses. 52% of the companies involved in the survey, employ a CISO, 45% have a CSO, and they are 40% report to the CEO and 27% directly to the Board. Despite this, less than half of the companies have dedicated information security personnel to support the internal corporate business operations.
Planning for Failure
The survey goes ahead to show that a majority of the companies have a mediocre plan on how to create concrete security strategies. Only 44% of the companies have the board participating in the creation of an overall security strategy, and this due to the hands-off approach of the board in the day-to-day corporate operations. Less than half of the companies involved in the survey have strategies to secure specific technologies such as big data, social media, mobile devices, as well as cloud computing.
Shortage of Qualified Personnel
The International Association of Privacy Professionals (IAPP) suggests that there is a need for 75,000 new Data Protection Officers (DPOs) around the world in 2018. With the rise in cyber-attacks on corporate networks and individual computers, corporates ought to begin the recruitment process now, preferably a trusted internal candidate with the necessary skills and on track to update his or her skills. They will be essential in drawing up and implement information security strategies.
In conclusion, companies to should stop being passive to risks that could jeopardize the integrity of their information. Maintaining a robust InfoSec strategy takes work, and it is a continuing process, but it pays off in the end.