IT security holding back business innovation

Concerns over security and risk stop projects progressing in nearly half of all firms, says NTT Security research.

Data Security

Information security and risk management plays a critical role in UK organisations, yet just a quarter of UK organisations see it as an enabler to innovation and growth

This is according to findings from a survey of UK IT decision makers commissioned by NTT Com Security (formerly Integralis), revealed at the firm's annual Information Security World (ISW 2013) conference in London this week. 

"It's interesting that those companies who see information security and risk as an enabler of business innovation and value, and who proactively base their spending on assessed risk, are much more likely to have the topic on the board's agenda," comments Neal Lillywhite, SVP Northern Europe at NTT Com Security. "They are also much more confident when it comes to information security and risk matters."

The survey reveals that more than half of all organisations view security and risk as critical to their discussions and planning of new products and services with six in 10 financial organisations admitting this is the case.

Those who see information security and risk as an enabler of business innovation and value, and who proactively base their spending on assessed risk, are much more likely to have the topic on the board's agenda.

However, concerns over information security and risk have stopped either a project or business idea progressing in nearly half (49 per cent) of all organisations surveyed, with the financial sector showing most concern 56 per cent have put projects or ideas on hold due to their fears.

The topic of risk was central to NTT Com Security's ISW event, where Nick Leeson, responsible for the collapse of Barings Bank in 1995, presented to a room of over 300 security and risk professionals. 

Talking about what happened at Barings, Leeson believes that the lack of safeguards and lack of visibility and control of risks are still in place in many large organisations: "Not enough focus goes into risk management and compliance and this is a real challenge.  Only lip service was paid to the fact that risk management needed to improve then and in many cases this is still the same today."

According to the research, confidence among businesses remains high, with more than half (52 per cent) of all respondents agreeing that the organisation is completely in control of information risk', rising to nearly three-quarters (72 per cent) for financial services organisations.

However, while organisations are basing their spending on a mixture of assessed risk and protecting against threats, it seems that most are still taking a reactive rather than a proactive approach to risk management. Only one in five organisations base their spending on assessed risk even less for businesses in financial services and around one in four base it on protecting against the next threat.

"While the majority see a benefit to having a proactive approach when assessing the risk of information assets, the fact that still only a fifth base their spending on assessed risk shows there is plenty of room for improvement and that there is still a lot of work to be done," adds Lillywhite.

This article was originally published on IT Pro's sister title Channel Pro. 

Featured Resources

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Download now

Five reasons to move to the cloud

Join the enterprises moving their workloads to the cloud

Download now

Architecting hybrid IT and edge for digital advantage

Why business leaders should consider a hybrid IT strategy

Download now

Six reasons to accelerate remote asset monitoring with AI

How to optimise resources, increase productivity, and grow profit margins with AI

Download now

Recommended

Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021
Microsoft open sources CodeQL queries used in Solorigate inquiry
Security

Microsoft open sources CodeQL queries used in Solorigate inquiry

26 Feb 2021
CISA warns of ongoing Accellion File Transfer Appliance attacks
hacking

CISA warns of ongoing Accellion File Transfer Appliance attacks

25 Feb 2021
What is a Trojan?
Security

What is a Trojan?

25 Feb 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
Npower shuts down app after hackers steal user data
hacking

Npower shuts down app after hackers steal user data

25 Feb 2021
New monitors for an agile new normal
Sponsored

New monitors for an agile new normal

19 Feb 2021