Organisations are rolling out new collaboration and communication technology before they have adequate security in place, according to a new report.
A survey of 100 top security executives at companies with revenues of $1 billion, for RSA, found that 80 percent of companies are concerned that pressure to cut costs and generate revenue has increased their exposure to security risks. More than seven in 10 have experienced a security incident in the last 18 months.
Nevertheless, most companies increased their use of virtualisation, mobility and social networking over the past 12-24 months, with more than one-third reporting an increase in cloud computing even though they do not have a security plan for it. Less than half have developed policies for employees to guide the use of social networking tools and sites.
Less than half the organisations surveyed have developed policies for employees to guide the use of social networking tools and sites.
More than 30 percent of the responding companies some enterprise applications or business processes running in the cloud, with another 16 percent planning to begin migration within the next 12 months.
However, among these organisations, two-thirds do not yet have a security strategy in place for cloud computing.
The research was conducted by by Computerworld UK sister organsiation IDG Research Services.
Seventy percent of the executives interviewed believe escalating levels of connectivity and information exchange are transforming their organisations into what RSA calls “hyper-extended enterprises”. It is new new web and communication technologies that are driving these changes, the report stated.
Alarmingly, many firms only brought in security staff to check the technology after it had already gone live, or after damaging incidents occurred.
The majority of respondents agreed they need to change and improve their approach to security in order fit with the reality of the business. They also admitted they had a lack of policies to guide the use of social networking.
The RSA report gave seven recommendations to businesses, including taking a risk management approach to the existing security environment, focusing on the quality of security, embracing new web technology with a proactive security approach, implementing advanced security management and sharing risk intelligence
Claudia Natanson, chief security officer at brewery giant Diageo, said it was important for businesses to take the right steps to verify the security around new technology.“When we have such a rapidly-changing environment, we need to absolutely cry, ‘Time out!’, she said. “We need to step away from it, and we need to examine if our programme has all the right gears.”
RSA has today released the results of its fourth Security for Business Innovation Council report, Charting the Path: Enabling the “Hyper-Extended” Enterprise in the Face of Unprecedented Risk.