Infosec 2010: Trust Will Drive Security Moves, Says PWC

Issues of trust and identity online will create new dangers and new opportunities, according to a study from PriceWaterhouseCoopers, commissioned by government-backed research body the Technology Strategy Board.

The roadmap report, “Evolution or Revolution”, warns that businesses may be losing their grip on trust and identity issues, and face an increasing cost for failing to deal with them. Announced at the Infosec Europe event in London, it suggests that companies should now see security as an essential and proactive part of doing business, instead of a technology cost, reacting to events.

Digital identity

“Digital identity is the biggest challenge over the next decade,” said Barry Jaber of PWC, explaining that a blurring of the difference between public and private may cause problems as well as create opportunities. In particular, users are aware of the risks in online commerce but do not see them in social networks because, at present, these are interactions with other people. As transactions increase in the social network space this may change, he said.

“Security is seen as a back-office solution to mitigate risk and respond to regulations,” said Jaber. “That will not be enough. In particular, chief executives need to be aware of information security issues in the planning process.”

“There is a flip side of this,” Jaber added. “Chief technology officers must think more about the business.” There are opportunities for those that do, as information security can be an enabler, he said.

The report was based on interviews with business leaders and experts at 70 organisations, including government departments, security vendors, academic bodies and end users.

Threat of data breaches drives investment

A survey conducted by The Ponemon Institute and commissioned by IBM last month found that the continued threat of data breaches and safeguarding sensitive corporate information were the key factors behind the growing investment in security strategies and technologies. Of the 115 C-level business executives surveyed, 100 percent disclosed that they have had their data attacked in the last 12 months.

“In the face of growing security threats, business leaders are finally recognising that a strong data protection strategy plays a critical role to their bottom line,” said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, at the time. “Today, C-level executives believe the cost savings from investing in a data protection program is substantially higher than the estimated value of recovering from a breach.”