Security has become an increasingly important issue to business, and companies are assigning more of their IT budget to ensuring the issue is adequately covered.
Security spend was fairly high in the early 1990s, but levelled off towards the end of the decade. Now, increased spend has become a global trend once again, says Accenture security practice global managing partner Alastair MacWillson.
"Security has never gone away, it has just taken backstage for a while. But now the interest has been re-awakened. Some have gone as far as saying security is the number one boardroom issue. I don`t know if that`s the case, but it`s certainly a major issue, and no different in SA."
According to a number of research firms, including Forrester and Gartner, up to 2002 the five-year trend for company security expenditure was 3% to 5% of the total IT budget. Security spend has increased since 2002, and is now at around 4% to 7%.
MacWillson attributes the increase to highly regulated institutions - such as banks - and governments, adding that manufacturers are generally at the other end of the scale.
Locally, the company is seeing a significant amount of interest from companies regarding security issues, says Accenture SA director John Bell. "Up until now, companies have not really been willing to invest significantly in security unless they saw it as critical. Security is now our fastest growing area in the infrastructure and consulting space."
In an effort to learn more about local security issues, the company is conducting a survey - aimed at company CIOs or CTOs, says MacWillson.
According to initial feedback, CIOs are worried about growing complexity, particularly in terms of Internet connectivity and problems it poses in terms of protecting a company`s own interests.
"Connectivity is great, but it means that CIOs not only have to manage the company`s own users, but all the partners, potential hackers and so on. It`s one of the big challenges they face," says MacWillson, pointing out that some CIOs deal with up to two million valid users.
Companies implementing Web services that are not completely secure could become another big risk, he says. "You could say that 'new age` companies are more worried about external threats.
"However, fraud is probably the number one concern in the financial sector, so you could say many people are just as interested in protecting their companies from the inside as from the outside."
Viruses are also an issue. "You will never eliminate 100% of viruses, so we tell companies that they will have to deal with some level of attacks. This means ensuring you have a good infrastructure, including crisis management, and so on."
MacWillson concludes that human negligence plays a huge role in the ongoing virus problem. "It`s more the simple things that aren`t done, like ensuring patches are up to date, and it leaves companies with huge problems."
Share
