By Marcus Leach
High profile corporate cybercrime is putting information security on boardroom agendas around the world, a global survey revealed on Wednesday.
The need for increased measures to protect against corporate espionage and network hacking, the accidental or deliberate leaking of corporate data, and the loss or theft of company laptops, has never been so high, company bosses told the British Standards Institution (BSI), the leading business service for the development of standards, in a survey.
According to the research, which analyses responses from 645 businesses, risk of corporate data leaks is a key concern. Two thirds (64%) of the surveyed businesses that have implemented ISO 27001 (an information security management system) cited this as the most important driving force behind adopting the information security standard.
In addition to risk, the BSI research also shows that 72% of businesses are worried about the financial damage of cybercrime. This is perhaps unsurprising in view of a report from the Cabinet Office, which states that cybercrime costs British businesses £21bn a year.
BSI commissioned Erasmus University, the Dutch university that houses one of Europe’s top business schools, Rotterdam School of Management, to survey over 645 businesses in Asia, America, Europe and Australia.
Notably, 78% of organisations surveyed that have achieved ISO 27001 certification have implemented the standard from the senior management team down, with the board fully endorsing its adoption and adhering to its requirements.
This suggests that fears around data security breaches are a real boardroom concern. And with almost all the businesses surveyed (92%) saying that the endorsement of senior management is crucial to fight against information security breaches, organisations around the world appear poised to revolutionise the way in which data is secured.
The research is drawn from all sectors of business, with 27% belonging to the IT industry and another 40% drawn from telecommunications, financial services, manufacturing, engineering, health and public administration industries.
The Erasmus research also demonstrates, ISO 27001 tackles both the cost and risk surrounding information security directly, reducing the number of security incidents within certified organisations by 39%. Meanwhile, the research shows that almost one third (26%) of businesses that have achieved ISO 27001 certification have since seen a return on investment.
This is underscored by the fact that, according to separate BSI figures, the number of organisations that have achieved ISO 27001 certification from BSI grew by 21% between 2009 and 2011.
“The increasingly important role of technology in the workplace and the challenging economic climate means that data security is no longer something that businesses can ignore. Boardrooms around the world are finally waking up to the extreme costs and reputational risk that can be caused by security breaches. The need for a standard that helps to prevent data leaks is now greater than ever," Howard Kerr, Group Chief Executive, BSI said.
“The implementation of ISO 27001 is impacting businesses around the world, and our research shows that the standard is bringing significant benefits to businesses. 87% of the survey respondents reveal that the implementation of the standard has either had a positive or very positive impact on their companies. In addition to a reduction in the level of risk, 82% of those surveyed note an increase in the quality control of information, while 44% reported an increase in sales and improvement in competitive advantage.”
Join us on