Low implementation of IT security plans a risk for companies - Ernst & Young

Wednesday, August 10, 2011

More than 57% of Chilean companies have not implemented a security strategy to prevent infections and threats via the internet, Marcelo Zanotti, partner from consultancy Ernst & Young, told BNamericas.

Speaking at the Segurinfo information security congress in Chilean capital Santiago, Zanotti said the lack of security plans can be explained because of "cultural issues" related to the low level of planning that many companies have - not only in Chile, but throughout the region.

"We see companies that don't even have a business plan, much less a security strategy," said Zanotti. And a proper security strategy is required in the face of increasing attacks.

Start your 15 day free trial now!


Already a subscriber? Please, login

The consultant presented findings of the first security information survey for Chile, carried out during 2010 with 30 local enterprises, from different verticals and with more than 1,000 employees. The local survey was then compared to a global one that involved 1,598 organizations in 56 countries.

The results showed that only 3% of Chilean companies perceive an increase in security threats, compared to 25% of global firms. But on the other hand, 86% of Chilean firms think security breaches directly affect companies' reputations.

In other results, 63% of local companies are not using cloud computing and do not plan to use it in the near future, because there is no real "clarity about cloud security risks, so people are not adopting it," the consultant said.

And with respect to the use of social media such as Facebook and Twitter, 63% of companies surveyed said they needed to research more about the risks of these platforms to decide whether to allow them at the workplace.

"What's needed is to be able to anticipate trends like this. They need to see the benefits of tools like social media, not just forbid them," Zanotti said.