Die Perspektive des Informationsaustausches
Die in Kooperation mit Fraunhofer SIT entstandene Studie "Cyber Security - Die Perspektive des Informationsaustausches" hat zum Ziel, den aktuellen Stand zum Cyber-Security-Informationsaustausch innerhalb der EU-Mitgliedsstaaten zu identifizieren.
2013 TMT Global Security Study
Blurring the lines
In der aktuellen Deloitte-Studie „2013 TMT Global Security Survey“ wurden zum sechsten Mal rund 120 Unternehmen der globalen Technologie-, Medien- und Telekommunikationsbranche (TMT) zu den Herausforderungen im Bereich IT-Sicherheit befragt. Viele Unternehmen der TMT-Branche überschätzen ihr derzeitiges Sicherheitsniveau in Bezug auf IT-Sicherheit.
Nur 50 Prozent verfügen beispielsweise über weitreichende Pläne für den Fall eines Angriffs. Überdies haben sich im Vergleich zum Vorjahr die Prioritäten der Sicherheitsverantwortlichen verändert: Anstelle der Compliance tritt nun die Entwicklung einer Sicherheitsstrategie und einer Roadmap.
A note from the authors
This year the top security initiative for TMT organizations is security strategy and roadmap (where regulatory compliance was the top initiative last year) and the top concerns for TMT organizations are third party security risks and employee awareness. Now the big question is what to do next to manage growing security threats and new technologies while finding ways to maintain and strengthen security in a hyper-connected world where third parties and digital supply chains are an integral part of their business models.
TMT organizations now recognize that information security is fundamental to their business, and not just a compliance issue anymore. The 2013 security trends are converging to create an environment where traditional security boundaries are blurry or even non-existent. The question is not if you will be attacked; the question is when — and how you will deal with it. Effective management of information security risks requires a robust combination of prevention, early detection, and rapid response that involves third-party business partners as well as the public sector.
What do executives at the world’s largest tech, media, and telecom companies believe is needed to improve information security and address cyber threats in 2013?
Investing in information security
"TMT organizations are now focusing on information security because their customers and the marketplace demand it, not just because regulations require it."
Top three security initiatives:
- Information security strategy and roadmap
- Information security training and awareness
- Mobile security
Dealing with external threats
"Prevention is an important first step; however, no organization can be 100% safe from attack. Robust detection and advance preparation and planning may help stop a breach from turning into a crisis."
Top three threats 2013:
- Security breaches at third parties
- Denial of Service attacks
- Employee errors and omissions
People and technology
"People are part of the problem when it comes to information security, so they need to be part of the solution. Training and awareness may help TMT organizations manage the risks from new technologies."
Top three vulnerabilities:
- Number and type of third parties
- Increased usage of mobile devices
- Lack of sufficient awareness with employees
Third-party security risk
"TMT organizations need to work with their third parties to understand and improve their combined security capabilities. Contracts alone are not enough."
Top three actions:
- Control third-party access to data
- Identify third-party security capabilities, controls, and organizational dependencies
- Increase the cyber awareness of suppliers and business partners