Earlier this month, professional services firm Ernst & Young released its annual Global Information Security Survey report, this year titled “Into the cloud, out of the fog”. Zimbabwe is part of 52 countries where 1,700 IT leaders were surveyed across all industry sectors. Along with the global report, the local member firm released country specific findings compared side by side with the global survey results. You can download the local report here (it’s 506kb).
The report covers a number of issues ranging from the changing information security risk environment, to the use of cloud computing, information security budgets, use of mobile devices in companies, social media, business continuity and issues of data loss prevention.
We’ve been quite interested in developments regarding cloud computing locally. We facilitated a cloud computing breakfast briefing event this year, actually. The E&Y report says only 25% of respondents are currently using, evaluating or planning to use cloud computing based services within the next year. The other 75% are not using and are not planning anything at all. Globally, 61% are using or planning to use. Quite a huge gap! Is it an infrastructure issue? A budget issues?
We also use social media here a lot, albeit from the blogging angle, so we were naturally interested in the results of the use (the blocking, rather) of social platforms in organisations. We didn’t realize just how unpopular social media (we’re really just talking about Facebook here) is in companies. According to the report, 64% of respondents have implemented limited or no access to social media sites as a control to mitigate risks related to the platforms. The global finding on this is 53%.
The report encourages companies to embrace the full advantages of social media and implement information security policies for the access and use of social media. It also encourages IT leaders to invest in understanding better the risks these platforms pose. As opposed to this blanket social-media-is-high-risk approach which the report says is unlikely to be completely effective.
The report notes that the media risks included here are; the introduction of malicious software lurking within social networks, hacked accounts that are used to solicit information and the release of confidential or negative company information or personal data. It’s not very clear if the respondents are blocking specifically to guard against these risks alone or also just getting the productivity killer that Facebook is out of the way.
There are a lot more findings in the report. Make sure you download and read it in full if these issues interest you.