A worrying 50% of UK businesses lack the necessary processes by which to manage security issues and comply with regulation, according to research issued by security management provider NetIQ.
According to the report, which surveyed 218 security and IT managers across the UK, 57% of companies believe that internal staff have no understanding of the legislation and compliance requirements that will affect their operations. A further 40% of individuals surveyed said that upper management merely pays lip service to IT security in order to achieve compliance.
The research findings have recently been borne out by other independent polls on the pan-European financial services legislation, the Markets in Financial Instruments Directive (MiFID), and the new payment card industry data security standard (PCI DSS), readiness for which remains extremely low.
Research performed by the MiFID joint working group think tank JWG-IT found that the majority of firms expect the City to be hit by a wave of punitive fines this coming November, due to non-compliance.
Meanwhile, Protegrity, a US-based security vendor, has found that 60% of merchants affected by the PCI standard do not understand its technical requirements and would fail the compliance test.