Are You Prepared for BusiLeaks?

Dec. 16, 2010
Mobile workforces, cloud computing and social networking pose significant threats to IT security.

In the era of WikiLeaks, it's no wonder that business executives are feeling less secure about their organizations' data. A recent study by Ernst & Young found that 60% of those polled perceive increased risk from the use of social networking, cloud computing and personal mobile devices at work.

"Organizations are operating in a world that requires borderless security," warns Bernie Wedge, an IT risk practice leader at Ernst & Young. "Information access by employees using mobile devices, or items that are maintained and accessed by customers, vendors or other business partners, are considered outside traditional borders. Therefore, companies must think about security beyond their employees, data centers and firewalls."

The study found organizations recognize the risks that come with emerging technology trends and are taking steps to protect information with stronger security programs. Half of the senior executives surveyed said they expect to spend more on data leakage/data loss prevention efforts over the next year. Still, facing continuing economic pressures, companies also want to reduce their overall IT spend and are looking to cloud computing services as a solution. The risk associated with cloud computing include data leakage; 52% of executives identified it as the largest associated risk. Some 39% cite the lost visibility of company data as an increased risk of cloud-based computing.

Information security is shifting from a technology-only approach to one that includes technology and people, the study shows. All employees have a role in information security and organizations need to clearly communicate their responsibilities. People and organizations "outside the borders of the traditional corporate environment play a role in helping to achieve information security objectives, but can also pose a risk to protecting your information," says Jose Granado, an information security expert at Ernst & Young. "A comprehensive IT risk management program must focus on people, processes and technology to address information throughout its lifecycle, wherever it resides."

See Also:
Finding the Business Case for Diversity
10 Key Challenges for CEOs

About the Author

Steve Minter | Steve Minter, Executive Editor

Focus: Leadership, Global Economy, Energy

Call: 216-931-9281

Follow on Twitter: @SgMinterIW

An award-winning editor, Executive Editor Steve Minter covers leadership, global economic and trade issues and energy, tackling subject matter ranging from CEO profiles and leadership theories to economic trends and energy policy. As well, he supervises content development for editorial products including the magazine,, research and information products, and conferences.

Before joining the IW staff, Steve was publisher and editorial director of Penton Media’s EHS Today, where he was instrumental in the development of the Champions of Safety and America’s Safest Companies recognition programs.

Steve received his B.A. in English from Oberlin College. He is married and has two adult children.

Sponsored Recommendations

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!