What Is Crucial In Data Security Strategy

by CXOtoday News Desk    Oct 28, 2014

data security


Data security has been one of the major concerns of the C-suite in the rapidly connecting world. It is one of the factors that has huge influence on IT decisions and IT decision makers are under increased pressure to ensure data is secure.  

PwC blogger Richard Mardling wrote that he asked a CEO: ‘So, what keeps you awake at night?’  The answer was: ‘Cyber security!’.

CIOs are subtly mandated to see that everyone is on board as far as security policy is concerned.

IT security has the potential to make or mar a project. According to a study by Fortinet, 63% IT decision makers admitted to abandoning or delaying at least one new business initiative because of IT security concerns.  

Organizations are making constant efforts to secure their data and applications. But there have been numerous data thefts that have proved security measures inadequate. 

Fortinet says that the increasing frequency and complexity of threats (88%) and the new demands of emerging technology like the Internet of Things and biometrics (88 percent) pose the biggest challenge to data security.

The Internet of Things and Wearable Devices pose new security risks to enterprises, which need to have  strategy in place for the future risks.

“As organisations move ahead and embrace new technologies without fully comprehending the implications, they are becoming susceptible to an array of cyber-security threats and these threats today have become increasingly complex,” said the PwC report - State of the Information Security Survey - India 2015.

Rising security concerns have often affected organization’s plans to address data privacy and big data security. The Fortinet study found that the majority of companies have been provoked into action and new IT security investments because of  rising data privacy concerns (90 %) and securing big data initiatives (89%). 

Gartner also predicts that security market in India will touch $1.06 billion by 2015. It says that security vendor revenue in India will grow from $882 million in 2013 to $ 953 million in 2014.

“Organizations are today increasingly more aware of security considerations in India, driven by factors like highly visible security incidents, increasing financially and politically motivated advanced targeted attacks and renewed regulatory focus on security and privacy,” Gartner said.

Contrary to Gartner prediction, a study by consultancy firm PwC  stated that average security spend by Indian firms has come down by 17 per cent to $ 4 million in 2014 from $4.8 mn last year.

“The average cost of a security incident for Indian companies has more than doubled from $ 194 in 2013 to $ 414 in 2014 and there has been a 20 per cent increase in the average losses as a consequence,” said the PwC.

More than funds, the need of the hour for enterprises is to ensure a sustainable data security strategy.

McKinsey tips for data security

1.Organizations must treat cybersecurity as a key part of business strategy rather than technology governance. 

2.Companies will have to  start with technological vulnerabilities and on priority protect protect the most critical business assets or processes like customer credit card information. 

3.Reorient your security architectures from devices and locations to roles and data.