As the consumerization of IT continues to disrupt the enterprise, organizations need to implement robust risk management practices to ensure mission-critical applications and data are not inadvertently exposed through the utilization of new technologies. Unfortunately, not many businesses are taking the right approach to security and are experiencing problems because of poor practices.
A recent survey by Deloitte and Forbes Insight revealed that only 25 percent of decision-makers said they continually monitor risk throughout their infrastructure. As a result, data security is often compromised and sensitive solutions are at risk of being exposed.
Evolving risk landscape induces new challenges
The study found that 41 percent of survey respondents said the volatile global economy is and will be the biggest threat during the next three years. Regulatory compliance changes were also a major issue for decision-makers, as 30 percent of the study's participants said this would be a top concern throughout the coming years.
The rapid proliferation of social media in and out of the workplace is also creating challenges for businesses today, as approximately 27 percent of executives labeled the increasing use of social platforms as a major source of risk.
A separate report by KPMG noted that more than 70 percent of companies around the world now have an active presence on social networks.
"Social media wasn't even on the radar a few years ago and we're now seeing it ranked among the top five sources of risk, on the same level as financial risk," Deloitte government and risk management services co-leader Henry Ristuccia said. "The rise of social media is just another contributor to the volatile risk environment companies are being forced to navigate."
Regardless of whether an organization is worried about an employee's behavior on Facebook, dealing with evolving regulatory compliance or managing vulnerabilities associated with inadequate data protection tools, decision-makers need to implement more creative and robust risk management policies to ensure the safety of sensitive information.
How companies are dealing with diverse risk management landscape
Deloitte reported that more than 90 percent of survey respondents said they plan to revitalize their risk management policies within the next three years, while roughly 55 percent of those said they will do so within the next 12 months.
By using a proper metric system, companies can evaluate the risk landscape and determine which approach would provide the most substantial results, according to a report by the Ponemon Institute.
More than half of decision-makers said they will accomplish these goals by elevating the presence of risk management programs throughout the organization, Deloitte noted. Another 37 percent of executives said they would enhance employee training to increase awareness of risk management and minimize concern associated with insider threats.
The report also revealed that many organizations label risk management as a C-level responsibility, as 26 percent of respondents said it was the CEO's job to take control of threat oversight. While another 23 percent of business executives said risk management accountability remains with the CFO, only 19 percent of supervisors said chief risk officers need to govern risk management.
Decision-makers also plan to leverage manual and automated processes to report risk, as 28 percent of respondents said they are currently doing so, the study noted.
"Based on the findings of this survey, and our interactions with clients, we believe technology has the potential to play a breakout role in the management of risk but many companies are still behind the curve in this area," Deloitte partner Mark Carey said.
Security News from SimplySecurity.com by Trend Micro