Out of Touch With IT? Survey Shows Most American Execs Are

Jan 29 2014, 3:08pm CST | by

Many American executives are out of touch with their IT department, putting them at risk for security issues and data loss. When surveyed by PricewaterhouseCoopers, more than 9,300 high-ranking executives gave answers that were often vastly different from what officials found.

The survey was conducted in 2012 in a cooperative effort between the US Secret Service, the FBI, and Carnegie-Mellon’s software engineering institute. While executives were polled in 128 different countries, most of the respondents were located either in America or Europe. Overall, there were discrepencies in almost every category between what respondents believed and what was true. For instance, more than 42 percent of those questioned stated that they considered their organizations front-runners in the area of IT security. However, when compared to requirements set by the group coordinating the survey, only 8 percent qualified as true leaders.

These differences are notable because, as the survey revealed, corporations are putting less resources into IT security, with spending on training and in-house IT security expertise down. While the number of breach instances were down during the period this survey covered, the recent security breaches at major retailers show that attacks often happen when businesses least expect it.

Whether your business is a massive corporation or an SMB that outsources its IT security to a cloud services provider, it’s important that you remain aware of your business’s IT security operations at all times. If PricewaterhouseCoopers quizzed you this year about your company’s security procedures, how would your answers measure up?

IT security is an important issue to busineses today. There are several measures you can take to boost your awareness of your IT department’s activities, while also reducing your chance of a disastrous security breach.

Have Written Policies

Every organization should have a set of written security policies in place that extend beyond the IT department. Department heads across the organization should be on board with these policies, passing them down to every team member. These policies should reviewed on an annual basis to address any new issues that have arisen as technology within the organization has changed.

In cases where storage and data recovery processes are outsourced to a third party, written policies are more important, not less. Your contract with the vendor should cover your individual needs, but you should also have in-house policies regarding password security, restricted access to crucial systems, and personal devices on the network. You should also check with your cloud services provider on any third-party services they use.

Set Server-Level Restrictions

High-level executives have the power to request certain restrictrictions that can be set at the server level. When a business’s leadership works side by side with IT staff, policies can be put in place that force certain security measures. When users change passwords every 90 days, for instance, they can be required to choose a strong password, consisting of a combination of a certain number of letters, numbers, and special characters. For mobile device users, your server administrators can set up a policy that remotely wipes a smartphone or tablet that has been stolen or misplaced.

Since many security breaches occur at the hands of an organization’s own employees, fully trusting employees is a mistake. Internal security risks are often unintentional, caused by human error. When measures are put in place to protect an organization against these mistakes, a business can dramatically reduce its risks.

Understand Liability

Executives may be at an even greater risk than they realize. As the ultimate overseer of a business, CEOs and presidents are often the go-to people when something goes wrong. “I didn’t know” isn’t considered a valid defense, since business owners are expected to know the day-to-day activities of each of their departments.

When a HIPAA breach occurs, responsibility now extends to the Chief Executive, as well as any business associate contractors and subcontractors involved. Even in instances where government regulations aren’t at play, business leaders are often the parties who must answer questions when something goes wrong.

Of course, the ultimate danger to any business that has a data breach is that business’s survival. According to Symantec, the avereage cost of a data breach is $7.2 million, averaging out to $214 per compromised record. After a data breach, a business often experiences a loss of trust from its valued customers, with many of those customers potentially never returning. A company the size of Target may be able to recover due to a long, positive track record, but a smaller business with a shorter history may have to shut its doors completely.

Have a Disaster Recovery Policy

In addition to protecting against data breaches, businesses should also consider the impact of a disaster. Whether a company faces threats from hurricanes, tornadoes, earthquakes, floods, fires, or a combination of any of the above, no building is 100 percent safe. Servers should be backed up regularly with data stored off site in a secure, disaster-protected facility. The disaster recovery plan should outline a contingency plan, as well, in the event a business’s office is uninhabitable for several weeks. Will employees be able to work from home? Is there an alternate location where temporary operations can be set up?

Like other written IT policies, the disaster recovery plan should be revisited on an annual basis. Some businesses bring in an outside consultant to help with creating and maintaining the plan, bringing years of expertise as well as an objective party into the process. For businesses interested in tackling the task on their own, the Small Business Administration provides a step-by-step guide that can help.

While hiring the right IT security professionals is vital, simply putting experts in place and stepping away isn’t sufficient for today’s volatile technology environment. Executives must work closely with technology experts to ensure the best interests of the business are being represented. When both sides work together to craft written policies, these policies not only ensure they’re working together, but they’ll also provide a document that can be passed on to employees, contractors, and investors.

Source: Forbes Business

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Why There Are So Many Terrible Managers In Business Today And What To Do About It
Throughout my 18-year corporate career, I had scores of managers who were, sadly, anything but inspiring.  The majority were clueless as to how to motivate, lead or develop their staff, or help employees utilize their...
 
 
Five Red Flags That Scream "Don't Take This Job!"
You can find tons of advice about how to get a job interview and how to snag a job. Most of it comes from the “Do whatever you have to do to get hired!” school of thought. The job market isn’t a job-seeker’s paradise,...
 
 
Penguins Playoff Tickets Down 25% After Blue Jackets Take Home Ice Advantage
With their win last night against the Penguins, the Columbus Blue Jackets have won their first game in the NHL playoffs and brought the first NHL playoff win to the Buckeye State.  Despite that historic achievement,...
 
 
Community Colleges Are The New Business Incubators
The rumor is community colleges are fallback schools because of price or easy, last-minute admissions. But that isn’t exactly the case anymore. Community colleges are now in the business of providing entrepreneurial...
 
 
 

Latest from the Network

Why There Are So Many Terrible Managers In Business Today And What To Do About It
Throughout my 18-year corporate career, I had scores of managers who were, sadly, anything but inspiring.  The majority were clueless as to how to motivate, lead or develop their staff, or help employees utilize their...
Read more on Business Balla
 
Five Red Flags That Scream "Don't Take This Job!"
You can find tons of advice about how to get a job interview and how to snag a job. Most of it comes from the “Do whatever you have to do to get hired!” school of thought. The job market isn’t a job-seeker’s paradise,...
Read more on Business Balla
 
Penguins Playoff Tickets Down 25% After Blue Jackets Take Home Ice Advantage
With their win last night against the Penguins, the Columbus Blue Jackets have won their first game in the NHL playoffs and brought the first NHL playoff win to the Buckeye State.  Despite that historic achievement,...
Read more on Business Balla
 
Community Colleges Are The New Business Incubators
The rumor is community colleges are fallback schools because of price or easy, last-minute admissions. But that isn’t exactly the case anymore. Community colleges are now in the business of providing entrepreneurial...
Read more on Business Balla
 
Life Insurance and the 831(b) Captive Insurance Company - Wait For The Test Case Before Signing Up
There is an old saying about life insurance: “Life insurance isn’t bought, it is sold.” The public doesn’t exactly clamor to buy life insurance, and if you don’t believe me then just try to find a life insurance store...
Read more on Business Balla
 
Cesar Chavez Flick Lacks Nuance, Economic Literacy
The new biopic Cesar Chavez film is an emotional tale that breathes new life into the story of the important Latino labor organizer who died in 1993. Yet the film has multiple inaccuracies and doesn’t give justice to...
Read more on Business Balla
 
Why Jose Mourinho Needs To Worry About His Head When Chelsea Plays Atletico Madrid In UEFA Champions League
There are so many sidebars to the UEFA Champions semi-final between Atletico Madrid and Chelsea that is easy to forget that a fantastic encounter is in prospect forget. The Managers While Jose Mourinho needs little or...
Read more on Business Balla
 
Sherry Turkle's Solution To The Downside Of Screen Relations: Conversation
If Neil deGrasse Tyson from Cosmos has become the  bard of deep time, then Sherry Turkle is the bard of the present moment. Her stories, most recently Alone Together, tell us what our emerging technologies are doing to...
Read more on Business Balla
 
Cooperation And Corruption: Brothers From The Same Hormonal Mother
We humans contend with quite a few wicked flip sides in our personal and interpersonal lives. Gratitude can transform into resentment. Concern can morph into apathy. Love can quickly become hate. New research digs...
Read more on Business Balla
 
Sherry Turkle's Solution To The Downside Of Screen Relations: Conversation
If Neil deGrasse Tyson from Cosmos has become the  bard of deep time, then Sherry Turkle is the bard of the present moment. Her stories, most recently Alone Together, tell us what our emerging technologies are doing to...
Read more on Apple Balla
 
 
Auto Balla Sexy Balla Sport Balla TV Balla Politics Balla Movie Balla Apple Balla Business Balla Ad Balla Celebrity Balla