IT execs view security and privacy as top priority
New and complex IT risks and changing business priorities challenge today’s IT leaders, according to a new survey from Protiviti. The results of the study reveal six areas of priority for CIOs and their organizations: information security and privacy; virtualization and cloud computing; social media integration; data classification and management; regulatory compliance and vendor management.
The survey asked participants to assess their skills and professional development priorities through more than 100 questions covering three major categories: technical knowledge, process capabilities and organizational capabilities.
Protiviti also offers insights about the areas that IT leaders expressed the most concerns about.
Social media applications and sites such as Facebook and Twitter have exploded in popularity in the past few years and new social media sites are coming online at a rapid pace. Some firms have vague or out-of-date social media policies in place that are unenforceable if inappropriate activity occurs.
Monitoring and achieving legal and regulatory compliance ranks high among IT leaders as an area in need of improvement. The volume and pace of regulatory change has been significant in recent years, and there are a number of regulatory issues that require IT involvement, including Dodd-Frank, Sarbanes-Oxley, Basel II, Solvency II and PCI-DSS. “IT must be an active part of compliance management, which typically involves developing, implementing or integrating tools and platforms to achieve active compliance and risk management,” said Underwood.
For every law and regulatory requirement, the company must also ask: What portion of my data does this affect? How do I classify and manage this data in accordance with the law? It also is important to note that, as a byproduct of the proliferation of new and emerging technologies, there are rapidly growing volumes of data being generated daily. By ranking, managing and classifying this data as a top “Need to Improve” competency, respondents may be saying they and their organizations are having difficulty understanding the increasingly complex regulatory landscape and how to comply with various new laws.
With more and more organizations transitioning to virtualized solutions as well as applications and activities in the cloud, external service-level agreements (SLAs) with an array of third-party vendors and other providers are a key concern for IT executives, according to the study. Similarly, determining a sound strategy and approach for outsourcing and off shoring are another critical area of focus, particularly given that many companies continue to seek innovative ways to save costs. However, many of these organizations lack clarity or direction about how to accomplish this effectively while continuing to deliver a high level of service and maintain compliance with company policies, applicable laws and regulations.
Because data breaches are costly and affect not just operations but also brand reputation, information security is another top priority for IT executives. Key considerations for leaders to consider are: How robust are our information security measures? Is our organization in compliance with industry standards for security and privacy as well as applicable laws and regulations, and do we have efficient systems and processes for tracking compliance?
The complete survey is available here.