In today’s economic, political, and social environment, customers are demanding the security of their information, as the concern about privacy and identity theft rises. Business partners, suppliers, and vendors are requiring security from one another, especially when they provide mutual network and information access. National and international regulators are asking enterprises to prove that they obey privacy laws and implement high-security measures.
In July 2012, The Association of Certified Fraud Examiners released their 7th Report to the Nation on Occupational Fraud and Abuse. The information contained in the report is based on more than 1,300 cases of occupational fraud in nearly 100 countries, provided by Certified Fraud Examiners (CFEs) who investigated those cases. The summary of findings in the report is eye-opening. Here are a few of the highlights from the report:
Superior information security requires a combination of smart decisions and intelligent security strategy. Big budgets to implement new technologies aren’t solving many of the problems generated by fraud and theft. It is also important to know when, who and how to deal with the complexity of IT Security. Five basic outcomes can be expected to result from developing an effective governance approach to information security:
As I wrote before, effective IT Security Governance is fundamental to achieving business objectives, maintaining regulatory compliance and meeting stakeholder requirements. Security and privacy are key matters that affect every business.