‘Mobile devices seen as #1 information security threat’

The fifth annual Deloitte Global Technology, Media & Telecommunications (TMT) Security Survey, conducted with 138 TMT companies around the world, indicates that TMT companies are generally holding steady as compared to the prior year on their information security activities, budgets, governance, and reporting. Yet the threats to Information Technology (IT) security are on the rise and the impact of security incidents is ever more significant. TMT organizations are not coping with the evolving environment: More than half (52 percent) of respondents to the Deloitte study indicate that their security expenditures are either falling behind or catching up to what is expected. The survey also reveals the top five high threats envisioned for information security in 2012 are: 1. Mobile devices (34 percent) 2. Security breaches involving third parties (25 percent) 3. Employee errors and omissions (20 percent) 4. Faster adoption of emerging technologies (18 percent) 5. Employee abuse of IT systems and information (17 percent) While mobile devices are considered the number one security threat for 2012, it is not the device itself that poses the threat, but more so the sensitive data that it carries. “The ability to access information from anywhere at any time has become part of our daily lives-however, this ability also increases the threat to information security,” said Santino Saguto, TMT industry leader at Deloitte Middle East. The study shows that 30 percent of the TMT companies surveyed have a new security initiative for 2012 around compliance with information security legislation and regulations. In the history of the study, never before has a similar initiative ranked in the top five priorities for TMT organizations. TMT organizations also identify security training, data protection, and security related to technology advancements as pressing issues. “Governments are turning to stricter legislation and regulations, but that does not necessarily mean that TMT companies have failed to properly regulate themselves,” said Saguto. “Compliance and regulations are baseline elements, yet TMT organizations in particular can and should use security to distinguish themselves in the market. So, it can be expected that TMT companies that proactively deal with information security and make it a high priority will be the best organizations in the sector.” As governments work to draw up adequate legislation for the Internet, Deloitte’s research reveals that 50 percent of the companies participate in cyber initiatives with other organizations in order to address cyber threats. This finding indicates that doing it alone is no longer an option in the current environment-information security requires teamwork. IT solutions and regulations alone cannot ensure proper information security-the human element plays a major role. One fifth of the organizations interviewed state that one of the major threats they face when it comes to information security is employee errors. Another 17 percent identify employee abuse as a major threat to IT systems and information. Consumerization is another risk on the rise-that is, the use of personal smartphones, tablets, or laptops by staff for business purposes. More than 40 percent of the companies interviewed state they support personal devices in addition to corporate provided devices. “This introduces new challenges involving confidentiality of data, privacy of staff, distribution of applications, and IT support,” said Saguto. Santino Saguto is partner at Deloitte and leader for the TMT (Technology, Media & Telecommunications) sector in the Middle East. He has more than 20 years of telecommunications, media and high tech industry experience in the Middle East and Europe having worked both in industry and consulting organizations. He led telecommunications practices in a number of companies including Value Partners, Spectrum Strategy Consultants, Booz Allen & Hamilton and A.T. Kearney before joining Deloitte.