The many recent widely publicized breaches have caused businesses to rethink their security practices, looking for ways to improve the integrity of information without losing focus on primary goals and aspirations. In order to do so, chief information officers and other decision-makers have taken a step back and are allowing boardrooms and advisers to plan protection strategies, according to a new study by KPMG.
The global survey, called the Convergence Evolution, found that 50 percent of boards in the United States and 41 percent of those around the world are taking governance, risk and compliance much more seriously than they had previously. By deploying data security through the boardroom, companies can take a more holistic approach and ensure all aspects of the business receive the same attention without any duplications, KPMG reported.
"Organizations clearly are giving more prominence to integrating governance, risk and compliance activities, though most companies remain at a fairly early stage, confronted with issues such as the complexity of the undertaking and a lack of experienced executives in-house among the remaining key challenges," KPMG global governance risk and compliance leader John Farrell said.
The KPMG study also noted that governance, risk and compliance costs are increasing, as 90 percent of survey respondents saw this trend. While this forces companies to dig deeper into their pockets during a tough economy, it also suggests decision-makers will be more wary. If organizations need to spend more money than usual to keep sensitive information safe, they will be more particular to implement the right data security solution.
Choosing the right services to ensure information protection is important because even the consumer's view on data integrity is changing. According to a recent study by Edelman, 70 percent of people are more concerned about privacy than they were five years ago, as nearly half of survey respondents said an organization's data security is one of the top three qualities that impacts their purchasing decisions.
"This [Edelman] study is further evidence that security and privacy are now business imperatives that must be actively managed by companies and organizations," International Association of Privacy Professionals chief executive officer J. Trevor Hughes said. "It shows that security and privacy are key drivers in customer loyalty and trust, that if ignored pose a significant risk."
Unfortunately, the KPMG study found that only 45 percent of U.S. respondents distributed resources and functions across borders, creating a divide between sections of the company.This fragmented approach is likely part of the reason why costs of implementing data security tools are so high. By taking a holistic approach, organizations will likely be able to disperse protective solutions more effectively and for a lower cost.
"As compliance needs grow with the ongoing release of new regulatory standards, corporate boards want assurances that senior executives are managing risk appropriately, and C-suite executives, in turn, increasingly have an eye toward bringing all associated processes under one roof," KPMG partner Deon Minnaar said. "Convergence provides an increasingly popular common-sense approach."
KPMG said that governance convergence will reduce costs in the long-run for at least 7 percent of companies in the United States.
According to the Dataloss Database, there were more than 900 breaches in 2011, a significant increase from the two years prior. By taking a holistic approach to data security, businesses can be sure they take a more effective stance to guard against breaches that can damage budgets and reputations.
Data Security News from SimplySecurity.com by Trend Micro