Companies are increasingly aware of how breaches of information security can affect business, but still need to do more to minimise the risk, according to a new survey by financial services and consulting firm Ernst & Young.
Its 9th Annual Global Information Security Survey, which compiled the views of around 1,200 senior information security professionals in 48 countries, found that 43% of companies now integrate their information security and risk management programmes and processes. That is up from 40% in 2005.
The survey also revealed that 80% of respondents had identified and prioritised critical business processes as part of its business continuity plans. Of this number, three quarters have undertaken an IT risk assessment in order to develop business continuity plans.
Meanwhile, one third admitted that the timescales for disaster recovery have not yet been reconciled with the business, and that only half of business continuity plans have actually been tested.