PwC have released their 2012 Global State of Information Security Survey.
The survey is a worldwide security survey by PwC, CIO Magazine and CSO Magazine. It was conducted online between February 10 and April 18, 2011. Survey respondents were from around the globe and were invited via email to take the survey. The results discussed in this report are based on the responses of more than 9,600 CEOs, CFOs, CISOs, CIOs, CSOs, vice presidents and directors of IT and information security from 138 countries. Twenty-nine percent (29%) of respondents were from North America, 26% from Europe, 21% from South America, 20% from Asia, and 3% from the Middle East and South Africa. The margin of error is less than 1%.
Threats to security, like the weather are hard to predict. Many executives point to the sunshine and clear skies overhead. Others eye the low barometric pressure
The survey produced 17 findings. The findings are summarised below:
A world of front-runners: Respondents categorize their organization
Finding #1 This year, a surprisingly high percentage of respondents consider their organization, in effect, a “front-runner” in information strategy and execution.
Finding #2 These “front-runners” see client requirement as the greatest justification for information security spending—and are passionate about protecting data.
Finding #3 Curiously, “strategists” are far more likely to clamp down on funding for information security than any of the other three groups.
Confidence and progress: A decade of maturation
Finding #4 A clear majority of respondents are confident that their organization’s information security activities are effective.
Finding #5 Companies now have greater insights than they’ve ever had into cyber crimes and other incidents and they’re translating this information into investments specifically focused on three areas: prevention, detection and web-related technologies.
Finding #6 After three years of cutting information security budgets and deferring security related initiatives, respondents are “bullish” about security spending.
Vulnerability and exposure: Capability degradation since 2008
Finding #7 One of the most dangerous cyber threats is an Advanced Persistent Threat attack. Few organizations have the capabilities to prevent this.
Finding #8 After three years of economic volatility and a persistent reluctance to fund the security mission degradation in core security capabilities continues.
Finding #9 Managing the security-related risks associated with partners, vendors and suppliers has always been an issue. It’s getting worse.
Finding #10 That 72% worldwide confidence rating in security practices may seem high but it has declined markedly since 2006.
Windows of improvement: Where the best opportunities lie
Finding #11 What are the greatest obstacles to effective information security? Leaders point to the lack of capital, among other factors—and shine the spotlight hottest at the “top of the house.”
Finding #12 Mobile devices and social media represent a significant new line of risk and defense. New rules are in effect this year for many organizations, though not yet the majority.
Finding #13 Cloud computing is improving security. But many want better enforcement of provider security policies, among other priorities.
Global trends: Asia races ahead while the world’s information security arsenals age
Finding #14 For several years, Asia has been firing up its investments in security. This year’s results reveal just how far the region has advanced its capabilities.
Finding #15 As North American organizations continue their reluctance to fund security’s mission at levels that they have in the past, capabilities continue to degrade.
Finding #16 In the face of economic uncertainty and in spite of a portfolio of security capabilities in decline, Europe pulls the purse strings even tighter.
Finding #17 Like most of the world, South America’s armory of information security defenses is rusting. As the region’s confidence in its security plummets, it thirsts for cash.
What this means for your business Look at the leaders. Learn from what they have done and how they are electing to address the future
Find the full details of the report here.