Asia/Pacific Manufacturers Lag Behind Other Regions In Awareness Of Information Security Risks
According to this study, a shockingly high percentage of Asian manufacturers do not know how many security events have occurred in their organizations in the past 12 months (58.3%) or the nature of the events (63.9%). These figures are higher than the worldwide average of 55.1% and 54.2% respectively.
However, when the respondents were asked to assess their organizations’ information security measures, three quarters of the manufacturers in this region say that they are very or extremely confident that the information held by their organizations is protected from external (77.8%) and internal (69.4%) attacks.
The disconnect between perception and reality suggests that Asia/Pacific manufacturers are not as aware of their security risks and threats as they think. Clearly, manufacturers in this region need to step up their awareness programs to get up to speed on their knowledge of the security risks and countermeasures that exist today.
This study also yielded positive findings. Compared to five years ago, information security has moved up the management hierarchy due to a combination of factors, including increasing challenges in the new economy, the rise in cyber crime and the growing complexity of terrorist threats. The survey results from this study show that 33.3% of Asia manufacturers indicated that their organizations' top security executive now reports directly to the CEO, while the rest (almost 70%) reported to either the CIO, CTO, CFO or board of directors, clearly signifying a rise in rank of the Chief Information Security Officer (CISO) as part of the C-Suite.
Advancements in IT such as Web 2.0 and cloud computing technologies have enabled a more productive organization in the manufacturing sector. However, these IT enablers also open up more risks to security.
Conclusion: Moving ahead, manufacturers should align their security strategies with business goals and direction to reduce the potential damage and loss caused by security attacks.