Just a couple of weeks ago, we published the results of Protiviti’s 2015 IT Security and Privacy Survey, which illuminated the fact that when it comes to IT security, talk is cheap in comparison to effective policies and actions.
We all know that cybersecurity is important, but Protiviti has found that in order to effectively and aggressively address cybersecurity, organizations need to implement strong security frameworks and information security policies while keeping the board of directors engaged in information security.
Some of the key findings of this year’s survey found that:
- “Tone from the top” is a critical differentiator.
- Having the right policies is the foundation of strong information security.
- Many companies lack critical policies and an understanding of their “crown jewels.”
- There aren’t high levels of confidence in the ability to prevent an internal or external cyberattack.
As your organization examines its data security policies and procedures, these resources should be helpful:
- Protiviti’s Managing IT Security & Privacy page has several fantastic PDFs available for download
- The 2015 IT Security and Privacy Survey is a great resource for current trends and Protiviti’s latest findings
- In Clear and Present Danger: Cybersecurity Should Be a Top Priority, Protiviti managing director Jim DeLoach offers his insights on the 2015 Internal Audit Capabilities and Needs Survey and explains what internal auditors need to do in order to avoid making 2015 synonymous to 2014 when it comes to cybersecurity issues
If you’re looking for even more resources, KnowledgeLeader’s ever-growing Data Security topic area currently has 83 publications and tools, including benchmarking tools and reports, audit reports and programs, and risk and control matrices.