Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

Businesses must embrace information risk management, says Economist Intelligence Unit

Businesses must embrace information risk management, says Economist Intelligence Unit 

The EIU surveyed 341 senior leaders across the globe, of whom 41 per cent were C-level executives or board members. Of those 341 participants, 27 per cent reported that there is little cross-organizational awareness of information risk. Moreover, 23 per cent of respondents said they do not have the skills or knowledge necessary to lead in the event of a breach, while another 57 per cent responded that they have not received training on what to do after information has been compromised.

The most troubling part of the EIU’s research, perhaps, is that almost half of respondents reported that they have experienced a loss of data in the past two years. Six per cent of respondents said they were unsure whether they had ever experienced a loss of data at all.

In a world where cyber criminals always seem to be one step ahead of businesses, it is imperative that leaders build information risk management into their operations. To do this, executives must understand who is responsible for protecting the data and strive to regain control of cyber space in the workplace.

“This is really the driving question behind the work we’re doing with the Economist: ‘Do enterprises understand what information risk is and do they understand what their information assets are?’” said Andrzej Kawalec, CTO, Enterprise Security Services, HP. “And if we’ve started to ask that question, then the next one is, ‘What are they able to do about protecting that information and the information of customers?’”

Some responses to these questions came out through the course of the EIU’s research. Enterprises should not fear turning to competitors for support; it is only by sharing information that businesses can stay on top of the latest attacks and take preventative measures against future ones.

Businesses should also ensure that executives understand the value of their data, and that all employees receive training on information risk – but they should avoid a one-size-fits-all approach to training, and it should be a continuous exercise.

“Managing information risk is a real-time activity that demands huge investments and much more agile skill than traditional risk management,” said Kawalec. “As more and more people understand the implications of the digital economy, they’re able to make better risk decisions.”

Related posts