Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Spore among info security leaders in AP

Jared Heng | July 22, 2008
Researchers warn against false sense of security in enterprise information security preparedness.

SINGAPORE, 21 July 2008 - Local companies and multi-national corporations (MNCs) in Singapore are more prepared on information security than counterparts in some other Asia Pacific countries, according to a Fusion Consulting survey.

With a network of 400 consultants in 16 countries, the business intelligence consultancy provides companies strategic advice on Asia Pacific markets.

Conducted early this year, the survey found that more than 60 per cent of responding organisations in Singapore have received training on preventing data loss and theft. In contrast, only 24 per cent of respondents in Thailand have done so.

Information security training

Singapore-based banking, technology and telecommunications companies are more proactive in information security training than the professional services, insurance and government sectors, Fusion notes.

The survey showed that 89 per cent of responding banking companies in Singapore received training on data loss or theft prevention, while 43 per cent of responding insurance companies had such training, the same figure as that of professional services companies.

Technology and telecommunications companies also ranked themselves highest in terms of confidence over data protection preparedness. Enterprises in other sectors ranked themselves above average, despite providing relatively less security training.

False sense of security

Across the board, there is an internal perception of data risk preparedness, says Pete Read, director at Fusion Consulting Singapore. This is quite justified in the finance and telecom sectors.

He warns however, that the same perception could be reflecting a false sense of security in other sectors like professional services and healthcare. Such sectors rely heavily on data, but are well behind the curve in terms of security training provided to their staff.

Read advises CIOs in these other sectors to regularly and proactively review information security, as well as to promote awareness and basic countermeasures among all staff. Seeking external advice and assistance in areas like security audits, training and data protection systems is also crucial, he says.

 

Sign up for MIS Asia eNewsletters.