• silicon.com
• Management
• CIO Insights

By Steve Ranger, 14 November 2006 15:20

NEWS

Prodded by worried consumers, companies are only now starting to wake up to the need to invest in privacy and data protection.

For the first time in nine years organisations are listing privacy and data protection as a significant issue in an annual information security survey of 1,200 organisations by Ernst & Young.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

Its head of technology and security risk services Richard Brown said this is the result of growing consumer concern and awareness, because identity theft, loss of personal data, phishing attacks and other data infringements are no longer things they just hear about, but have probably happened to someone they know.

He said this "intensifying pressure" from the consumer to address privacy has forced companies to re-evaluate their data risk practices and procedures, particularly in the financial services sector.

And while companies are beginning to understand the investment required to get their own houses in order, they are still failing to manage third-party risk - 55 per cent of companies admitted to having no formal agreements in place with third-party suppliers that they share data with.

But compliance is still the top driver impacting information security, with two out five organisations (43 per cent) saying their information security function is integrated with the organisation's risk management programmes - up from 40 per cent last year.

The survey also found that while many organisations have business continuity plans only half have actually tested these plans, and one-third have not agreed recovery timescales with the business.