Out of Touch With IT? Survey Shows Most American Execs Are

Jan 29 2014, 3:08pm CST | by

Many American executives are out of touch with their IT department, putting them at risk for security issues and data loss. When surveyed by PricewaterhouseCoopers, more than 9,300 high-ranking executives gave answers that were often vastly different from what officials found.

The survey was conducted in 2012 in a cooperative effort between the US Secret Service, the FBI, and Carnegie-Mellon’s software engineering institute. While executives were polled in 128 different countries, most of the respondents were located either in America or Europe. Overall, there were discrepencies in almost every category between what respondents believed and what was true. For instance, more than 42 percent of those questioned stated that they considered their organizations front-runners in the area of IT security. However, when compared to requirements set by the group coordinating the survey, only 8 percent qualified as true leaders.

These differences are notable because, as the survey revealed, corporations are putting less resources into IT security, with spending on training and in-house IT security expertise down. While the number of breach instances were down during the period this survey covered, the recent security breaches at major retailers show that attacks often happen when businesses least expect it.

Whether your business is a massive corporation or an SMB that outsources its IT security to a cloud services provider, it’s important that you remain aware of your business’s IT security operations at all times. If PricewaterhouseCoopers quizzed you this year about your company’s security procedures, how would your answers measure up?

IT security is an important issue to busineses today. There are several measures you can take to boost your awareness of your IT department’s activities, while also reducing your chance of a disastrous security breach.

Have Written Policies

Every organization should have a set of written security policies in place that extend beyond the IT department. Department heads across the organization should be on board with these policies, passing them down to every team member. These policies should reviewed on an annual basis to address any new issues that have arisen as technology within the organization has changed.

In cases where storage and data recovery processes are outsourced to a third party, written policies are more important, not less. Your contract with the vendor should cover your individual needs, but you should also have in-house policies regarding password security, restricted access to crucial systems, and personal devices on the network. You should also check with your cloud services provider on any third-party services they use.

Set Server-Level Restrictions

High-level executives have the power to request certain restrictrictions that can be set at the server level. When a business’s leadership works side by side with IT staff, policies can be put in place that force certain security measures. When users change passwords every 90 days, for instance, they can be required to choose a strong password, consisting of a combination of a certain number of letters, numbers, and special characters. For mobile device users, your server administrators can set up a policy that remotely wipes a smartphone or tablet that has been stolen or misplaced.

Since many security breaches occur at the hands of an organization’s own employees, fully trusting employees is a mistake. Internal security risks are often unintentional, caused by human error. When measures are put in place to protect an organization against these mistakes, a business can dramatically reduce its risks.

Understand Liability

Executives may be at an even greater risk than they realize. As the ultimate overseer of a business, CEOs and presidents are often the go-to people when something goes wrong. “I didn’t know” isn’t considered a valid defense, since business owners are expected to know the day-to-day activities of each of their departments.

When a HIPAA breach occurs, responsibility now extends to the Chief Executive, as well as any business associate contractors and subcontractors involved. Even in instances where government regulations aren’t at play, business leaders are often the parties who must answer questions when something goes wrong.

Of course, the ultimate danger to any business that has a data breach is that business’s survival. According to Symantec, the avereage cost of a data breach is $7.2 million, averaging out to $214 per compromised record. After a data breach, a business often experiences a loss of trust from its valued customers, with many of those customers potentially never returning. A company the size of Target may be able to recover due to a long, positive track record, but a smaller business with a shorter history may have to shut its doors completely.

Have a Disaster Recovery Policy

In addition to protecting against data breaches, businesses should also consider the impact of a disaster. Whether a company faces threats from hurricanes, tornadoes, earthquakes, floods, fires, or a combination of any of the above, no building is 100 percent safe. Servers should be backed up regularly with data stored off site in a secure, disaster-protected facility. The disaster recovery plan should outline a contingency plan, as well, in the event a business’s office is uninhabitable for several weeks. Will employees be able to work from home? Is there an alternate location where temporary operations can be set up?/>/>

Like other written IT policies, the disaster recovery plan should be revisited on an annual basis. Some businesses bring in an outside consultant to help with creating and maintaining the plan, bringing years of expertise as well as an objective party into the process. For businesses interested in tackling the task on their own, the Small Business Administration provides a step-by-step guide that can help.

While hiring the right IT security professionals is vital, simply putting experts in place and stepping away isn’t sufficient for today’s volatile technology environment. Executives must work closely with technology experts to ensure the best interests of the business are being represented. When both sides work together to craft written policies, these policies not only ensure they’re working together, but they’ll also provide a document that can be passed on to employees, contractors, and investors.

Source: Forbes Business

 
 

Don't miss ...

 

<a href="/latest_stories/all/all/30" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

blog comments powered by Disqus

Latest stories

Pakistan blocks three Saarc connectivity pacts; Modi, Sharif avoid meeting (Intro Roundup)
Kathmandu, Nov 26 (IANS) Pakistan Wednesday played spoilsport by blocking three major Saarc connectivity projects initiated by India, even as Indian Prime Minister Narendra Modi conspicuously avoided meeting his Pakistani counterpart Nawaz Sharif while he met five other South Asian leaders here.
 
 
Way out of debt crisis far from easy: Angela Merkel
Berlin, Nov 26 (IANS) German Chancellor Angela Merkel Wednesday said the way out of the European debt crisis is long and far from easy.
 
 
The Black Friday 2014 Sales You can Shop Today 11/26
The Black Friday 2014 Sales You can Shop Today 11/26
Over 20 Black Friday 2014 sales are already launched. Get the deals early to get your head free for the hard to get Black Friday deals to be released on Thanksgiving Day.
 
 
Pakistan blocks three Saarc connectivity pacts; Modi, Sharif avoid meeting (Roundup)
Kathmandu, Nov 26 (IANS) Pakistan Wednesday played spoilsport by blocking three major Saarc connectivity projects initiated by India, even as Indian Prime Minister Narendra Modi conspicuously avoided meeting his Pakistani counterpart Nawaz Sharif while he met five other South Asian leaders here.
 
 
 

Latest from the Network

Albanian national arrested for nightclub shooting in Greece
Athens, Nov 27 (IANS) An Albanian national was arrested Wednesday for the shooting inside a nightclub in Greece Saturday, which resulted in 15 injuries. Albert Bako, 31, was apprehended during a police raid in an...
Read more on Politics Balla
 
Obama to host Jordan's King at White House
Washington, Nov 26 (IANS) US President Barack Obama will host King Abdullah II of Jordan at the White House Dec 5 to discuss issues of the Middle East, the White House said Wednesday. The two leaders will discuss...
Read more on Politics Balla
 
China pledges increased engagement with Saarc
Kathmandu, Nov 26 (IANS) A senior Chinese official said here Wednesday that the country will continue to deepen its ties with South Asian countries and outlined extensive policies to engage in trade liberalisation and...
Read more on Politics Balla
 
'Indian-origin woman killing in Sydney too well-planned'
Sydney, Nov 26 (IANS) The case of an Indian woman's killing by her jilted NRI husband is being heard in Australia and the police report indicates that the incident was so well-planned that it could be viewed as...
Read more on Politics Balla
 
Indian-origin student took bear's photos before it killed him
Washington, Nov 26 (IANS) An Indian-origin student in the US took photos of a bear while hiking in a US preserve before it mauled him to death, media reported. Darsh Patel, a Rutgers University student, and four...
Read more on Politics Balla
 
Iraqi forces break IS siege on town
Baghdad, Nov 26 (IANS) Iraqi security forces Wednesday broke the Islamic State (IS) Sunni radical group's months-long siege of a town in Iraq's eastern province of Diyala, provincial and security sources said....
Read more on Politics Balla
 
Five killed in Yemen Shia-Sunni clash
Sanaa, Nov 26 (IANS/EFE) At least four gunmen belonging to the Sunni Al Ahmar tribe and one member of the Shia Houthi militia were killed Wednesday in clashes that broke out in Yemen's capital, Sanaa, according to a...
Read more on Politics Balla
 
IS moving prisoners from Iraq to Syria (Roundup)
Baghdad, Nov 26 (IANS) Islamic State (IS) militants have begun transporting dozens of their Iraqi prisoners from Iraq to Syria, fearing that an attack by Iraqi troops on its northern stronghold of Mosul may be imminent...
Read more on Politics Balla
 
$49 Kindle and $99 Kindle Paperwhite Amazon Black Friday Deals announced
As expected Amazon will have a huge Black Friday sale on the Amazon Kindle eBook reader and the Amazon Kindle Fire Tablets. Amazon will offer the Kindle for just $49 starting Thanksgiving Day. This is $30 off the...
Read more on Black Friday Countdown
 
116 pro-democracy protesters arrested in Hong Kong
Hong Kong, Nov 26 (IANS/EFE) At least 116 pro-democracy protesters, including several of the movement's leaders, were arrested Wednesday after police cleared one of the three main downtown demonstration sites in Hong...
Read more on Politics Balla