Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Teleconferences
Join CIO Executive Council members and participate in the following live one-hour teleconferences:
* Transforming IT Teams
September 16
* Global CIOs: How to Lead on the World Stage
September 18
* Social Responsibility's Strategic Benefits
October 29
Apply today for a FREE subscription to CIO Magazine!
The Fifth Annual Global State of Information Security
Five years ago, when CIO and PricewaterhouseCoopers collaborated on the first "Global State of Information Security" survey, very few people knew how bad the problem was. Now everyone knows. They just don't know how to fix it.
August 28, 2007 — CIO —
Awareness of the problematic nature of information security is approaching an all-time high. Out of every IT dollar spent, 15 cents goes to security. Security staff is being hired at an increasing rate. Surprisingly, however, enterprise security isn't improving.
For the fifth straight year, CIO, CSO and PricewaterhouseCoopers (PWC) present select results and analysis from the "Global State of Information Security" survey, the world's largest, most comprehensive annual information security survey.
And the first question to ask is, Are you feeling anxious?
Are you feeling the disquiet that comes from knowing there's no reason why your company can't be the next TJX? The angst of knowing that these modern plagues—these spam e-mails, these bots, these rootkits—will keep coming at you no matter how much time and money you spend trying to stop them? The chill that comes from knowing how much you don't know?
Yeah, you're feeling it.
You're feeling it because you're seeing it. According to the 2007 survey, a comprehensive canvassing of 7,200 respondents on six continents, you see the information security problem more clearly than ever before. You're seeing it because you've created tools and systems in order to see it. For example:
You've added processes. Three years ago, only 37 percent of companies reported having an overall security strategy. This year, 57 percent did. Also, nearly four out of five companies conducted enterprise risk assessments, at least periodically.
You've deployed technology. Nine out of 10 respondents said they use firewalls, monitor users and rely on intrusion detection infrastructure, and that number approached 98 percent when responses were limited to larger companies (more than $1 billion in revenue). Encryption is at an all-time high, with 72 percent reporting some use of it (compared to 48 percent last year).
You've hired people. The number of CISOs and CSOs employed continues to rise. And the mean number of information security workers per company has topped 100, most likely due to more outsourcing and the use of contract employees.
You've crafted an infrastructure for understanding. You're seeing it, and that's why you're feeling it. You're undergoing a shift from a somewhat blissful ignorance of the serious flaws in computer security to a largely depressing knowledge of them.
Results of the 2007 Global State of Information Security Survey
CSO Publisher Bob Bragdon discusses the findings of the 2007 Global State of Information Security Survey with PricewaterhouseCooper's Mark Lobel, and CSO magazine's Scott Berinato.
Email, blogging and mobile devices are important business tools, but they expose enterprises to legal, financial and regulatory risks.
Outbound email is essential to running any business today — allowing us to share information, work with partners and even interact with customers.
When it comes to technology investments, virtualization demonstrates drop-dead-obvious ROI.
Growing regulations are pressuring enterprises to find effective, affordable and easy email encryption solutions.
Today, there are many ways to approach email security — the question is: what deployment model is right for you?
Riverbed Raises the Ante Again in WDS with RiOS 5.0
Stop mobility from jeopardizing PCI compliance with these best practices.
Find out how the universal client can cut complexity and cost from your mobility environment.
Learn best practices for maximizing your mobile workforce infrastructure.
File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
Encryption Made Easy: The Advantages of Identity Based Encryption
Rethinking the Corporate Help Desk: Learn how to deliver anywhere, anytime incident response
Building Competitive Advantage with Next-Generation Wireless Infrastructure
The Great Email Security Debate: Appliances, SaaS, or Virtual?
Find out what Forrester says about mobile endpoint security and its management.
Get Forrester's take on simplifying mobility with the universal wireless client.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Wall Street Beat: Spending Slows, Dell Does Too
Comcast Sets Monthly Bandwidth Limit for Customers
Dell Profit Falls As Revenue Grows
Google Extends Apps Premier Credit for Gmail Outages
Dell Profit Falls As Revenue Grows
Author Beware: 'Net Publisher's IT Pitfalls
Google Introduces Android Apps Store
Malware Infects International Space Station (ISS) Laptops
Google Extends Apps Premier Credit for Gmail Outages
Fujitsu Siemens Shows Its First Netbook
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
