New study finds over 84% of North American enterprises suffered security breach in past year

CA has announced a new security survey of 642 large North American organisations which shows that more than 84% experienced a security incident over the past 12 months and that the number of breaches continues to rise.

According to the findings, security breaches have increased 17% since 2003. As a result, 54% of organisations reported lost workforce productivity; 25% reported public embarrassment, loss of trust/confidence and damage to reputation; and 20% reported losses in revenue, customers or other tangible assets. Of the organisations which experienced a security breach, 38% suffered an internal breach of security.

In addition, the findings indicate that security isn`t being taken seriously enough at all levels of an organisation, especially in the financial service industry. Nearly 40% of respondents indicated that their organisations don`t take IT security risk management seriously at all levels, while 37% believe their organisation`s security spending is too low. Only 1% believe it is too high.

Despite these findings, the survey revealed that organisations are taking steps to improve security. The three most important cited security steps were documenting security policies (88%), creating security education policies for employees (83%) and creating a chief information security officer position (68%) within the organisation.

The survey also found that a lack of centralised security administration is affecting employee productivity. Only 6% of the organisations were able to provide new employees or contractors with access to all the applications or systems they require on their first day of work.

"These survey results demonstrate that even though organisations are investing in security technologies, they still aren`t achieving the results they seek," said Toby Weiss, senior vice-president and general manager of CA`s Security Management Business Unit. "Clearly, more work needs to be done in terms of both improved security management itself and better education of business users about the importance of IT security best practices."

The survey also found that organisations are turning towards identity and access management (IAM) technology to improve security, enable regulatory compliance and reduce costs. More than 75% of the organisations surveyed have implemented some form of IAM functionality and are continuing with IAM investments, with an additional 18% planning to begin rolling out an IAM solution or extend their IAM deployments over the next 12-18 months.

Trek to the summit

00Days

:

00Hrs

:

00Min

:

00Sec

The survey of large organisations across North America was conducted by The Strategic Counsel from January through May of 2006. The organisations surveyed had average annual revenues of $1.4 billion and average annual IT budgets of $22 million. The survey was conducted across the manufacturing, government, financial services, retail, communications, healthcare/pharmaceuticals, and oil and gas sectors. Survey margin of error ranges from 2.6 to 3.8 at a 95% confidence level.