IT Security Risk and Compliance Remain Major Concern

Businesses today face IT security and compliance risks on several fronts. But, are they rising to these rapidly proliferating challenges?

New survey results from McAfee suggests that the answer to that question is unfortunately, a resounding, "No."

The report, Risk and Compliance Outlook: 2011, commissioned by McAfee and conducted by Evalueserve, found that 41 percent of organizations are not well aware of or protected against IT security risks. In addition, the vast majority, 75 percent of respondents, are not confident that they will pass a regulatory audit, with more than half of organizations stating that they have already failed one.

The survey, which was conducted in Australia, Canada, France, Germany, New Zealand, Singapore, UK and US, also revealed that:


4 out of 10 companies feel they are at risk because they are not completely confident they can accurately deploy countermeasure products.


Nearly half (45 percent) are patching systems every week, and not surprisingly, a whopping 84 percent of the respondents feel that their business and security operations are impacted due to out-of-cycle patches.


More than 40 percent of organizations get into "fire-fight mode" when a regulatory audit approaches, diverting critical resources away from strategic priorities.


39 percent are not confident of being able to translate IT risks into business risks.


Databases also ranked as the biggest infrastructure challenge in terms of complying with regulatory mandates.


Nearly half of all companies plan to spend an average of 21 percent more in 2011 on risk and compliance solutions.

Given these survey results, McAfee predicts strong growth for risk and compliance products in 2011 with the majority of businesses demanding integrated and automated solutions.