Big Four & Leading Accounting and Consulting Firms – news, opinion and career opportunities for aspiring & current professionals & alumni

Deloitte: Top tech, media, and telecom firms to strengthen information security

By Rob Starr, Content Manager, Big4.com

Executives at the world’s largest Technology, Media and Telecommunications (TMT) companies have replaced compliance with implementing a 2013 security strategy and roadmap as the number one driver for improving information security, according to the Deloitte Touche Tohmatsu Limited (DTTL) TMT Global Security Study released recently. The study also reveals that companies are starting to recognize information security to be a fundamental business issue, with companies increasingly focused on cyber resilience, not just security.

Results of the study suggest overconfidence in protection against external threats, with 88 percent of executives not viewing their company as vulnerable. However, when pressed further, more than half of the executives acknowledged experiencing a security threat in the last year. Further, less than half of survey respondents reported having a response plan in place to address a security breach and only 30 percent believe third-parties are shouldering enough responsibility for cyber security.

“The question is not if you will be attacked: the question is when and how you will respond,” said Jacques Buith, DTTL Global TMT Security and Resilience Leader. “Effective management of information security risks requires a robust combination of prevention, early detection, and rapid response. Being cyber resilient is just as, or even more, important than being cyber secure alone.”

According to the survey, innovations in technology and the people using these technologies also rank as one of the biggest threats, with 70 percent listing their employees’ lack of security awareness as an “average” or “high” vulnerability. Employees without sufficient awareness of security issues may put an organization at risk by talking about work in public, responding to phishing emails, admitting unauthorized people into the organization’s facilities.

 

Comments are closed.