Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

COMPLACENT SENIOR EXECUTIVES VALUE PERSONAL DATA ABOVE WORK DATA

research1

Published : , on

NTT Com Security Risk:Value report reveals four personas based on the value placed on corporate data and amount of IT budget spent on security

A report from global information security and risk management company, NTT Com Security, reveals that there are four distinct groups of organisation when it comes to measuring how much value senior executives place on their company’s data and how well that data is secured.  The groups – Enlightened, Informed, Passive and Complacent – are part of the company’s new Risk:Value report, a survey of 800 senior executives (not in IT) across eight countries.

Created by analysing responses from two critical questions in the research – how important various types of data are to the organisation, and knowledge of the proportion of IT budget spent on data security – the report shows that most (82%) respondents understand the importance of their data.  However, levels of knowledge about that data, and the extent to which they are willing to commit IT budget to securing it, varies widely among senior business decision makers.

Simon Church

Simon Church

Complacent respondents – the lowest of the four groups – do not see data as being important to their organisation and are most likely to value personal data above work data – 33% (personal) vs. 18% (work).  Respondents in the most proactive group, the Enlightened, however, are more likely to work in organisations that protect their information and place more value on work data than personal information, with a third (33%) valuing work data over personal data and just 16% seeing personal data as more important.

Outlining each of the groups in detail, the report entitled Risk:Value – Do senior executives understand their role in data security?, reveals that:

  • Enlightened organisations are prepared to commit at least 10% of IT budget on securing their data and are the most likely to have completely secured all of their critical data (62%).
  • Informed decision makers are more likely to be implementing data policies, with 29% reporting that they are in the process of implementing a formal data security policy and more than a quarter (26%) currently implementing disaster recovery plans.
  • Passive respondents value data but do not protect it.  They are most likely to admit they do not know how much of their IT budget is spent on data security, while nearly all (93%) do not know what the financial impact would be of a data security breach.
  • The Complacent group typically does not know how much budget is spent or admits only a small proportion is set aside to secure data.  It is also the least likely to have a recovery plan in place in the event of a security breach (just 24%).

Simon Church, CEO, NTT Com Security, comments: “This sliding scale of organisations gives a good indication of how well respected a company’s data is by the way senior people look at it and how much they know about how well it’s protected.  What’s worrying, however, is that Enlightened respondents, who are clearly the strongest of the four groups, represent 35% of senior executives, which is still a minority, while the weaker Passive and Complacent groups together represent 31%, yet show an inability, or unwillingness, to protect their data sufficiently.”

Church believes both organisations and the information security industry need to work harder, and in collaboration, to tackle this complacency: “It’s clear that organisational culture needs to change.  It’s easy to think that as an industry we’re doing a good job at raising awareness of security threats just because of the headlines, but clearly it’s not enough any more to motivate organisations into action. We have to reinforce the fact that security is everyone’s problem and everyone’s responsibility and to move organisations along the Risk:Value scale from Complacent to Enlightened.”

Persona groups and key characteristics:

Percentage breakdowns for the four persona groups (based on 800 respondents in Australia, France, Germany, Hong Kong, Norway, Sweden, UK and US):

  • Enlightened = 35%
  • Informed = 34%
  • Passive = 13%
  • Complacent = 18%

The Enlightened – Enlightened respondents understand the value that data has to their organisation. They classify at least five, if not all six, types of data (consumer customer, business customer, employee, business performance, intellectual property and R&S) as important to the success of their business. They also work in organisations that commit at least 10% of their IT budget to data security, which shows they also recognise that data security is an important aspect of their business.

The Informed – Informed respondents also understand the value that data has to their organisation.

As with the enlightened respondents, they classify at least five, if not all six, types of data as important to the success of their business.  However, the organisations that informed respondents work in commit no more than 10% of their IT budget to data security, and usually less. This shows that these senior executives are likely to understand the value of data, but that their organisations are not prepared to commit significant resources to supporting data security.

The Passive – Similar to the first two persona groups, Passive respondents understand the value that data has to their organisation, but are unaware of the proportion of the IT budget that their organisation commits to data security. This group therefore is not aware of the details of how important data is regarded by their organisation.

The Complacent – In contrast to the other three persona groups, these respondents do not appreciate the importance that much of their data has to their organisation.  They are also usually either unaware of the amount of IT budget that their organisation commits to data security, or are aware that their organisation only commits a small amount of their IT budget to it.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post