- 12 myths about how the Internet works
- Smartphone smackdown: Storm vs. iPhone
- IETF: Should we ignore the Kaminsky bug?
- Top 10 wicked cool algorithms
- How to recession-proof yourself
The Deloitte & Touche annual survey of security practices at 169 financial institutions found that 98% of them are spending more on information security this year than last year, and putting a greater emphasis on IT governance.
Security spending is up as much as 15% over last year at 11% of the 169 corporations surveyed, which include banks, and investment and insurance companies from 32 countries. According to the 2007 Global Security Survey, the biggest spending hikes were made in audit or certification costs, logical-access control products, infrastructure protection devices and compliance and risk management.
While 38% of the organizations surveyed did not measure their security budget on a per capita basis, of those that did, 7% said they spend more than $1,000 per person, 7% between $501 an $1,000 per person, 14% between $251 and $500, 23% between $100 and $250, and 11% under $100.
In a related trend, 81% of the financial institutions surveyed said they’ve adopted a formal Information Security Governance framework, up from about 70% last year. The vast majority of the remaining respondents said they are in the process of establishing one.
Deloitte & Touche said the higher adoption rate in formal Information Technology Governance frameworks -- which detail lines of authority and reporting requirements, business processes, technology and security measures -- appears due to the increased pressure of government regulation.
The technology executives who participated in the annual Deloitte security survey -- 22% from Japan and the larger Asia-Pacific region, 12% from the United States, 23% from Latin America , 7% from Canada, 31% from Europe, the Middle East and Africa, and 5% from the former Soviet Republics -- indicated that getting through internal and external audits can be tough wherever you are.
They report that the main audit obstacles are networks that still allow excessive access rights; lack of adequate audit trails/logging; and failure to assure access control complies with formal business procedures.
The 2007 Global Security Survey also asked the respondents questions about technology use.
One question pertained to whether organizations prohibit use of wireless technologies, including wireless LANs, infrared networking or mobile devices, due to security reasons.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment