Out of Touch With IT? Survey Shows Most American Execs Are

Jan 29 2014, 3:08pm CST | by

Many American executives are out of touch with their IT department, putting them at risk for security issues and data loss. When surveyed by PricewaterhouseCoopers, more than 9,300 high-ranking executives gave answers that were often vastly different from what officials found.

The survey was conducted in 2012 in a cooperative effort between the US Secret Service, the FBI, and Carnegie-Mellon’s software engineering institute. While executives were polled in 128 different countries, most of the respondents were located either in America or Europe. Overall, there were discrepencies in almost every category between what respondents believed and what was true. For instance, more than 42 percent of those questioned stated that they considered their organizations front-runners in the area of IT security. However, when compared to requirements set by the group coordinating the survey, only 8 percent qualified as true leaders.

These differences are notable because, as the survey revealed, corporations are putting less resources into IT security, with spending on training and in-house IT security expertise down. While the number of breach instances were down during the period this survey covered, the recent security breaches at major retailers show that attacks often happen when businesses least expect it.

Whether your business is a massive corporation or an SMB that outsources its IT security to a cloud services provider, it’s important that you remain aware of your business’s IT security operations at all times. If PricewaterhouseCoopers quizzed you this year about your company’s security procedures, how would your answers measure up?

IT security is an important issue to busineses today. There are several measures you can take to boost your awareness of your IT department’s activities, while also reducing your chance of a disastrous security breach.

Have Written Policies

Every organization should have a set of written security policies in place that extend beyond the IT department. Department heads across the organization should be on board with these policies, passing them down to every team member. These policies should reviewed on an annual basis to address any new issues that have arisen as technology within the organization has changed.

In cases where storage and data recovery processes are outsourced to a third party, written policies are more important, not less. Your contract with the vendor should cover your individual needs, but you should also have in-house policies regarding password security, restricted access to crucial systems, and personal devices on the network. You should also check with your cloud services provider on any third-party services they use.

Set Server-Level Restrictions

High-level executives have the power to request certain restrictrictions that can be set at the server level. When a business’s leadership works side by side with IT staff, policies can be put in place that force certain security measures. When users change passwords every 90 days, for instance, they can be required to choose a strong password, consisting of a combination of a certain number of letters, numbers, and special characters. For mobile device users, your server administrators can set up a policy that remotely wipes a smartphone or tablet that has been stolen or misplaced.

Since many security breaches occur at the hands of an organization’s own employees, fully trusting employees is a mistake. Internal security risks are often unintentional, caused by human error. When measures are put in place to protect an organization against these mistakes, a business can dramatically reduce its risks.

Understand Liability

Executives may be at an even greater risk than they realize. As the ultimate overseer of a business, CEOs and presidents are often the go-to people when something goes wrong. “I didn’t know” isn’t considered a valid defense, since business owners are expected to know the day-to-day activities of each of their departments.

When a HIPAA breach occurs, responsibility now extends to the Chief Executive, as well as any business associate contractors and subcontractors involved. Even in instances where government regulations aren’t at play, business leaders are often the parties who must answer questions when something goes wrong.

Of course, the ultimate danger to any business that has a data breach is that business’s survival. According to Symantec, the avereage cost of a data breach is $7.2 million, averaging out to $214 per compromised record. After a data breach, a business often experiences a loss of trust from its valued customers, with many of those customers potentially never returning. A company the size of Target may be able to recover due to a long, positive track record, but a smaller business with a shorter history may have to shut its doors completely.

Have a Disaster Recovery Policy

In addition to protecting against data breaches, businesses should also consider the impact of a disaster. Whether a company faces threats from hurricanes, tornadoes, earthquakes, floods, fires, or a combination of any of the above, no building is 100 percent safe. Servers should be backed up regularly with data stored off site in a secure, disaster-protected facility. The disaster recovery plan should outline a contingency plan, as well, in the event a business’s office is uninhabitable for several weeks. Will employees be able to work from home? Is there an alternate location where temporary operations can be set up?/>/>

Like other written IT policies, the disaster recovery plan should be revisited on an annual basis. Some businesses bring in an outside consultant to help with creating and maintaining the plan, bringing years of expertise as well as an objective party into the process. For businesses interested in tackling the task on their own, the Small Business Administration provides a step-by-step guide that can help.

While hiring the right IT security professionals is vital, simply putting experts in place and stepping away isn’t sufficient for today’s volatile technology environment. Executives must work closely with technology experts to ensure the best interests of the business are being represented. When both sides work together to craft written policies, these policies not only ensure they’re working together, but they’ll also provide a document that can be passed on to employees, contractors, and investors.

Source: Forbes Business

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Global entrepreneurship summit boost for SMEs
Marrakech, Nov 22 (IANS) Nine agreements were signed between the Moroccan General Confederation of Enterprises (CGEM) and several small and medium enterprises (SMEs) as well as between major Moroccan banks and start-ups at the 5th Global Entrepreneurship Summit (GES 2014) held in Morocco.
 
 
NASA's flying saucer among 'Best of What's New'
Washington, Nov 22 (IANS) NASA's Low-Density Supersonic Decelerator (LDSD), a spacecraft that aims to facilitate the safe landing of future Mars missions, has earned a place in the the Popular Science magazine's "Best Of What's New" list.
 
 
Indian helping to light up Gambia (Diaspora Feature)
Banjul (Gambia), Nov 22 (IANS) Like many Indians who are proving to be philanthropists around Africa, Ram Mohan has set up a social business called Comafrique Intelizon Initiative and has embarked on the replacement of candles in villages in the Gambia with solar lights from India.
 
 
Leopards in human areas not conflict animals: Study
New Delhi, Nov 22 (IANS) Leopards in human areas are not always "stray" or "conflict" animals but residents with strategies to thrive in human dominated areas, says the first GPS-based study of leopards in India.
 
 
 

Latest from the Network

Amazon Black Friday: Samsung UN32H5203 Black Friday TV Deal is Best Seller on Amazon
Amazon begun to take pre-orders on 15 Samsung TV Black Friday 2014 TV deals. All deals are the at the lowest advertised prices in Black Friday ads. All Samsung Black Friday deals seem to be controlled by Samsung. Amazon...
Read more on Black Friday Countdown
 
Evangeline Lilly appreciated new Hobbit role
Evangeline Lilly found it ''liberating'' playing a new character in 'The Hobbit' movies. The former 'Lost' actress joined the cast as Tauriel in second movie 'The Hobbit: The Desolation of Smaug' and though she was...
Read more on Movie Balla
 
Indian smuggler shot by Nepal police
Kathmandu, Nov 22 (IANS) Nepal Police shot dead an Indian national along the Nepal-India border while he was smuggling weapons from India. The incident took place Saturday afternoon in Bishnupura village of Rupandhei...
Read more on Politics Balla
 
Battle with IS militants continues in Iraq
Baghdad, Nov 22 (IANS) Iraqi security forces launched a major offensive against Islamic State (IS) militants in the western province of Anbar Saturday, even as fighting continued in the province of Salahudin, a...
Read more on Politics Balla
 
Global entrepreneurship summit boost for SMEs
Marrakech, Nov 22 (IANS) Nine agreements were signed between the Moroccan General Confederation of Enterprises (CGEM) and several small and medium enterprises (SMEs) as well as between major Moroccan banks and start-...
Read more on Business Balla
 
Five killed in Indonesia landslides
Jakarta, Nov 22 (IANS) At least five people were killed and many houses damaged in landslides in Indonesia's North Sumatra Saturday, an official said here. Heavy downpour caused the landslides in Sibio Bio village of...
Read more on Politics Balla
 
Al-Shabaab claims responsibility for Kenya bus attack
Nairobi, Nov 22 (IANS) Somalia-based militant group Al-Shabaab Saturday claimed responsibility for the killing of 28 bus passengers in Kenya. Al-Shabaab spokesman Sheikh Ali Mohamud Rage said the dawn attack on the...
Read more on Politics Balla
 
Force India cars to start 13th, 14th at Abu Dhabi
Abu Dhabi, Nov 22 (IANS) Force India drivers Sergio Perez and Nico Hulkenberg will start 13th and 14th at the season ending Formula 1 Abu Dhabi Grand Prix to be held at the Yas Marina Circuit here Sunday. In Saturday'...
Read more on Sport Balla
 
Chandhok finishes 6th in Putrajaya ePrix
Putrajaya (Malaysia), Nov 22 (IANS) India's Karun Chandhok, driving for Mahindra Racing, eventually finished sixth to bring home eight points despite racing for a podium spot for most of the Formula E Putrajaya ePrix...
Read more on Sport Balla
 
Australia replace Sandhu with Conway in team facing India
Melbourne, Nov 22 (IANS) New South Wales (NSW) fast bowler Harry Conway replaced bowler Gurinder Sandhu in the CA XI squad in the first tour match against India as the Indian-origin player was selected for the NSW...
Read more on Sport Balla