Technology and compliance teams work together to minimize the risk of data breaches
Organizations are facing an unprecedented variety of cyber risks that have the potential for devastating consequences, but a new study reveals that IT, security and compliance teams individually lack the resources to deal with them.
The study for communications compliance specialist Actiance and conducted by IDG Research finds enterprises moving towards a collaborative risk management model with increasing overlap between the different teams.
"Although the legacy technologies, buying processes, and functionally-driven priorities of the last 15 to 20 years have left some organizations with redundant and ineffective risk management processes and solutions, many companies have successfully bridged the resulting informational and organizational silos," says Robert A Cruz, senior director, information governance at Actiance. "Firms are evolving toward a more holistic, collaborative model that incorporates the priorities of IT, security, and compliance stakeholders."
The study finds IT, security, and compliance increasingly aligned in areas like managing the risk and impact of a data breach. Respondents across all functions overwhelmingly point toward clearly defined policies as an area that is working well today. Risk and compliance staff differ from others in highlighting monitoring and alerting process controls as an area that is also working well.
The evaluation and selection of risk management solutions is a practice applied by the majority of respondents, with only five percent reporting that their function alone is responsible for those tasks. However, all functions, particularly Security, report a lack of budget and resources to carry out their duties.
For the future all functions highlight the definition of common control processes as a top priority, though security respondents highlight the definition of business requirements for technology solution selection as top priority. Interestingly, adding extra people is not seen as a solution by any function, the addition of staff is least mentioned as a strategy for managing future risk.
You can find out more in the full survey results available from the Actiance website.