The worst downturn in a generation is forcing organizations to adapt to reduced budgets at the same time as facing increased threats and greater scrutiny through new regulations says the Information Security Forum in its latest briefing report: Managing Information Security in a Downturn.
The pressure is on with 63% of ISF Members – comprising many of the world’s largest companies and public sector organizations – reporting that they expect to face reduced budgets in 2009. According to the report, the financial crisis has also accelerated the change and sophistication of new threats to information security. Many emerging longer term threats now pose a real challenge today and present serious legal, financial and reputational consequences.
The ISF identifies five major challenges that currently face information security professionals: responding to the changing information risk profile, managing the greater impact of incidents, keeping up with business change, surviving budget and staff cuts, and not losing sight of longer term risk and compliance demands in favour of short term measures.
Specific threats highlighted by the ISF include the rapid increase in targeted and organized cybercrime, espionage and the risk to intellectual property, internal and external fraud and embezzlement, and sabotage or theft of sensitive information through disgruntled employees.
SF president and CEO Prof Howard A. Schmidt, remains convinced that organizations are in a better position to deal with the current crisis than ever before. “Security is no longer an add-on but is ingrained within the IT infrastructure, business processes and strategic planning from the outset. Working more closely together and adopting new methods to analyze and tackle the changing dynamics of security risk will help us through the tough times of the downturn and emerge stronger,” says Prof Schmidt.