Regulatory Compliance Remains IT Challenge

Thursday, September 19, 2013 @ 06:09 PM gHale


Regulatory compliance to protect corporate data continues to be one of the greatest challenges faced by businesses and organizations across all industries, a new survey said.

While an external data breach for financial gain is the biggest information security nightmare (34 percent), respondents indicated failing an audit closely follows at 31 percent, according to an EiQ Networks survey of 272 IT decision makers including security managers, and network and systems engineers across industries including healthcare, government, financial services and retail.

RELATED STORIES
FBI: Public, Private Support can Defeat Threat
Private, Public Sector Share Data
Obama Inks Cyber Security Order
Hackers ‘Declare War’ on U.S.

The two biggest challenges to demonstrating compliance are measuring and reporting on compliance (31 percent) and automating IT controls (24 percent), the survey said.

While compliance mandates continue to give IT professionals agita, the disconnect between security teams and business leaders is a growing concern. Thirty-six percent of information security professionals admit to meeting infrequently or never at all with business unit leaders to understand business objectives and information security needs.

Two-thirds of information security professionals said their IT security department is understaffed and could use more people. The information security needs of business have far outgrown the supply of qualified professionals to deal with them. It’s a gap most businesses hadn’t expected would be so wide, according to the survey.

More survey takeaways:
• Misuse by employees is the greatest risk facing enterprises today
• Over 50 percent of respondents reveal that less than 25 percent of mobile devices are monitored in real time
• 25 percent of respondents said they don’t know how long it would take their organization to find a root cause of a breach
• 42 percent of respondents react to an incident after they identify the problem
• 20 percent of respondents plan to implement SANS Critical Security Controls in the next 12-24 months.



Leave a Reply

You must be logged in to post a comment.