Corporate reputation drives information security
Security is now everyone's problem
By Ian Williams at Infosec Europe 2008
VNU Business Publications
LONDON — Concerns over reputation and brand protection are key drivers of information security for nearly three-quarters of
The findings come from the latest Global Information Security Workforce Study from ISC2 published at Infosec Europe 2008.
'Corporate image' topped the list of top priorities for motivating information security governance, but the privacy of customer
data, identity theft and breach of laws and regulations are also key factors.
The fourth edition of the study was conducted by Frost & Sullivan and surveyed 7,548 information security professionals from
companies and public sector organisations in more than 100 countries.INFOSEC VIDEO: Interview with Ed Gibson, chief security
advisor at Microsoft UK
Small and mid-size organisations of up to 500 employees accounted for nearly 60 per cent of respondents to this year's survey,
and it seems that the security message is no longer the preserve of large enterprises.
The report attributes this attitude shift to business requirements and compliance, including the impact of the payment card
industry's PCI-DSS as well the increased public awareness of security issues.
"This year's study offers evidence of changing priorities for companies and subsequently a changing focus for information
security professionals," said John Colley, managing director of ISC2 in EMEA.
Organisations are coming under increased pressure over data loss and compliance, and the role of information security at the
executive level has been raised significantly in recent years.
The proportion of information security professionals reporting to executive management is now 33 per cent globally, compared
to 21 per cent in the first ISC2 survey in 2003.
The report also found that information security governance is becoming more focused on protecting data at rest and in transi