When it comes to the most pressing concerns over information security, a majority of business and technology executives say their greatest fear is fear itself.

A new global information security survey from Ernst & Young entitled “Creating trust in the digital world” finds that the overwhelming majority (88 percent) of executives do not believe their security investments are sufficient. Nearly two-thirds (69 percent) would like to see their IT security budgets increased by at least 50 percent as a result.

While there is some good news in the study -- executives are less fearful of cyberattacks unwittingly caused by unaware employees or due to outdated systems – fears over phishing attacks and malware are on the rise.

Perhaps surprisingly, the study revealed that many organizations still do not have the proper policies, tools, and personnel in place to safeguard networks and data. For example:

• 54 percent do not have a dedicated function that focuses on emerging technology and its impact

• 47 percent do not have a security operations center

• 36 percent do not have a threat intelligence program

• 18 percent do not have an identity and access management program

“Organizations are embracing the digital world with enthusiasm, but there must be a corresponding uptick in addressing the increasingly sophisticated cyber threats,” said Ken Allan, EY’s global cybersecurity leader. “Businesses should not overlook or underestimate the potential risks of cyber breaches. Instead, they should develop a laser-like focus on cybersecurity and make the required investments. The only way to make the digital world fully operational and sustainable is to enable organizations to protect themselves and their clients and to create trust in their brand.”

That may be easier said than done, the study also confirms. A majority of organizations (57 percent) indicated that the single greatest challenge to properly addressing issues related to IT security is a lack of trained staff.

Several IT workforce studies this year have confirmed that security professionals are among the most in-demand of all IT workers, with salaries for these professionals rising faster than any other IT job role. Furthermore, the time-to-hire for IT security professionals has nearly doubled from two years ago, many recruiters have confirmed.

The EY study confirms those trends, and also reveals that the outlook is getting worse as we approach 2016.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access