“…The very technologies that empower us to do great good can also be used to undermine us and inflict great harm. … Cyber threats are a challenge to our national security. … [The] problem of how we secure this digital world is only going to increase.” Said President Barack Obama in February 2015. Amongst major technology transformation and change, danger seemingly lurks everywhere for today’s enterprises. Devious cyber predators worldwide are threatening to blow the lid off organizational cybersecurity defenses.
Defending against these predators is consuming large amounts of Information Technology (IT) hours and resources at a time when a majority of organizations are undergoing a major IT transformation.
Outwitting the wolves at your organization’s “cyber door” and managing changes in the enterprise with confidence requires IT departments to deploy an impressive and innovative array of information security approaches, processes, tools, skills/personnel and collaborations.
Not surprisingly, the priority placed on security and privacy capabilities has intensified in our Internal Audit Capabilities and Needs Survey this year. In last year’s study the highest-ranked area in the Developing and Maintaining Security and Privacy Standards category had a priority index of 6.4 (on a 10-point scale). This year, a full dozen of the security and privacy capabilities we assessed are ranked 6.7 or higher. As we detail through the report, the results for CIOs and IT executives are even more pronounced. This year’s results show that IT leaders and professionals are contending with a vast number of increasing and competing priorities, including but not limited to cybersecurity. This also mirrors key findings from our recent Executive Perspectives on Top Risks for 2015 study, in which board members and C-suite executives identified cybersecurity as one of the top risks their organizations must address in 2015. In this report, we will share our key findings from this year’s Internal Audit Capabilities and Needs Survey.