Latest News  

More than half of Romanian companies plan cybersecurity budget increase

According to a joint PwC Romania and Microsoft Romania survey launched recently, "Security in the Digital World", investments in cybersecurity are mostly driven by regulatory requirements instead of the organizations awareness of the actual and ongoing IT security threats. On the plus side, companies acting in highly regulated sectors such as the financial industry, for example, are usually better prepared to tackle cyber threats.

2017-06-12 20:26:11

Almost 60 per cent of the organizations responding to this survey are planning to increase their cybersecurity budget in the next financial year, with 20% counting on maintaining the current spending level, while 23% still don't not have a clear picture as to their next year's budget.
With 40 percent of the surveyed Romanian companies not having a formal cybersecurity strategy, and only 10% having reached a maturity level where the strategy is defined, implemented and optimised, the study reveals the fact that information security is not yet fully understood and supported at Board of Directors level.

"Information Security Officer appears not to be heard at Board level unless there is a crisis or a compliance issue – they need more support, including hiring more resources or acquiring security intelligence, as technology is a business wide matter today – information security risks are business wide risks" stated Mircea Bozga, Risk Assurance Partner, PwC Romania.

While relying mostly on internal existing resources, organizations in Romania responding to this survey need to scale up their information security intelligence This remains a hallmark of emerging markets, with the more mature organizations from developed economies relying more heavily on external specialized cyber security providers. As the Romanian companies grow and are confronted with more and more sophisticated cyber threats as well as more stringent regulatory requirements, it is likely that they will address the challenge by engaging specialized IT security providers and exploring the benefits of cloud computing.

In terms of perceived cybersecurity challenges, 87% of respondents declared that they are preoccupied with potential data leaks, 73% worry about malware (including ransomware), 70% are concerned about potential disruptions in business continuity, with another 70% preoccupied to ensure protection against targeted attacks.

"With less than 1 year until enforcement the European Directive for the General Data Protection Regulation (GDPR) is becoming an increasing concern for local organizations. However, the study reveals that very few respondents have already created an execution plan in relation to the provisions of the GDPR", stated Oana Terteleac, Digital Sales Incubation Unit Lead Microsoft Romania.
As for the potential factors that could have a positive effect on cybersecurity, vast majority of respondents considered that increasing awareness (including training) of the employees regarding threats combined with increasing awareness and support of the management board are critical factors to improve digital security. Another positive factor is considered the enforcement of regulatory requirements as a major driver to improve digital security (77%). This may reflect the compliance requirements they are faced with, especially in highly regulated markets.

The need to hire additional security resources (67%) and to exchange security information with others (57%) were also considered by the large majority of respondents very important to improve digital security. This may reflect the current understaffed state of security in most of organizations and the hope that the experience of others may help.

When we discuss infrastructure security, 3 areas of priority emerge, focusing on data backup/ recovery, DLP and IAM.

Most of respondents would invest in data backup / recovery process (20%), improving access management to systems (19 per cent) and data leak prevention solutions (16%). This may show that respondents prefer to invest in areas that have a quick and major impact on their security risk posture, access and data protection.
More than two thirds of respondents use a Data Loss Prevention (DLP) solution and this points out that DLP became a common security measure, similar with antivirus solutions. On the other hand, almost one fifth of respondents are not using a DLP solution. A possible explanation may be the lack of an information classification policy.

One challenge raising increased interest is related to how companies address access control. Across the entire organization, managing identity and controlling access are topics that encourage more companies to go for Identity Access Management "IAM" solution, with almost two thirds of respondents having implemented or planning to implement solutions to manage access across the entire ecosystem (Identity Access Management "IAM" solution).

In order to improve their information security, PwC and Microsoft recommend the following actions to be considered by organizations:
• Have adequately scaled resources ( the specialized personnel enabled by the right technologies and guided by validated processes) responsible for reporting to an information security officer CISO (chief information security officer). The CISO should report directly to the Board of Directors or to one of the Board Members.
• Perform regular security assessments including information security strategy and vulnerability assessments, by using independent external providers
• A thorough assessment of the cloud computing services should be undertaken to identify the benefits of cloud services for security, privacy and compliance
• Invest in employees training and awareness programmes related to information security. It is a critical success factor in every security programs

• Robust business continuity planning and exercising – ensuring that individual user systems and key servers can be restored rapidly from backups, and that the frequency of backups aligns to the volume of data your organisation is prepared to lose in the event of any system being rendered unusable;

• Crisis and incident response planning and exercising – ensuring that there are formal procedures in which employees and those responsible for the management of high priority incidents are well versed to streamline the organisation's reaction to unexpected events and its ability to restore service to employees and customers;

• Strong security hygiene policies and user awareness – preventing malware entering your IT environment through the most common delivery vector, phishing, by enforcing strong controls at your email gateways, and developing vigilant employees through robust awareness campaigns;

• Rigorous patch and robust vulnerability management programme will help reduce the likelihood of exploitation.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Michael Ringman, TELUS International: Going omnichannel, from challenges, misconceptions to readiness and benefits

In a recent interview, Outsourcing Today asked Michael Ringman, Chief Information Officer, TELUS International about the latest resolutions and

 Read Full article »
DB Global Technology launches DB Tech School and trains a new generation of Romanian software specialists

DB Global Technology, Deutsche Bank's technology center in Bucharest, launches DB Tech School, a training program for software specialists who are at the beginning of their careers and are interested in the Jav

 Read Full article »
Atos wins major contract with Safran in the transformation of IT infrastructure

Atos, a global leader in digital transformation, has been selected by Safran, leader in the aeronautics and aerospace sectors, as its partner to optimize datacenters worldwide. The four-year contract runs till

 Read Full article »
Amazon close to sign lease contract for 10.000 sqm office space within Globalworth Campus

At the beginning of this year, the US giant retailer Amazon was said to rent around 10.000 sqm office spaces in Bucharest, where they might hire some 1.000 professionals, according to sources close to company q

 Read Full article »
Levi9 relocates office to Business Center Iasi

IT company Levi9 will open its new Iasi office at Iasi, Soseaua Nationala 31. The new office will be a modern, open and attractive working environment for the 150 employees and facilitate the expected growth to

 Read Full article »
IBM to open its fourth business services center in Romania

US-based IT giant IBM announced it would open a new business center in Cluj-Napoca this July, the fourth center operated by the It company in Romania, after Bucharest, Brasov and Timisoara.

 Read Full article »
SAP ranked first among Europe's most valuable brands in 2017

SAP, leading company in digital transformation, ranked 1st among Europe's most valuable brands, according to the 2017's edition of BrandZ Top 100 Most Valuable Global Brands, with a brand value of 45.194 billio

 Read Full article »
Nokia invests 73 million Euro in expanding its campus in Timisoara

Finland-based company Nokia said it will be expanding its campus in western city of Timisoara with the biggest research and development (R&D) center in the Romanian telecom industry and the total investment exc

 Read Full article »
Romania's Fribourg Capital launches 20 million Euro investment fund for startups

Romanian investment firm Fribourg Capital said it has launched Fribourg Digital, a 20 million Euro investment fund which targets startups in the IT sector, according to a company statement quoted by seenews.

 Read Full article »
Avangate plans to hire 45 IT specialists for its office in Romania

Avangate, the global eCommerce and subscription billing platform for software, SaaS, and digital solutions, with Romanian roots, which recently acquired the 2Checkout global payment processor, will hire 45 IT s

 Read Full article »
 
MOST RECENT VIDEO
 
 
MOST READ ARTICLES
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Grégoire Vigroux appointed the new Vi...
» Romanian Outsourcing Awards for Excell...
» Romanian Outsourcing Awards for Excell...
» SocGen's EBS division to grow 60%, exp...
» Bombardier: from Bucharest subway to t...
» Ericsson and Skanska trial IoT for Sma...
» OT Learning & Development Roundable ta...
» Molson Coors started to grow its busin...
» AFI Europe Romania and Dedeman sign ag...
 
EDITOR CHOICE
TELUS International Europe: Issue 3 - Customers First magazine! Strategy and innovation in travel and hospitality

The third issue of our Customers First magazine is now available! The latest edition is all about travel and hospitality, featuring insights from industry experts and top brands like JetBlue, Turo, Joie de Vivr

 Read Full article »
The future is now - Review of Romanian Outsourcing Summit, 2017

Romania delivers services in 25 languages with more than 100,000 specialists employed in the outsourcing industry and business services, and based on an estimated growth of 15-20 per cent, it is estimated to re

 Read Full article »
Genpact's COO: Staying ahead of the curve

Shibu Nambiar has over 18 years of experience in the services industry, covering roles in operations, project management, service delivery, product development, domain management and training.

 Read Full article »
Reshaping the industry mindset

The business shared services industry in Romania is living a fantastic youth, but may be heading towards a maturity that may come sooner than expected, thanks to disruptive emerging technologies and the urgent

 Read Full article »
OT Learning & Development Roundable takes place on June 15th

On June 15th, Outsourcing Today organizes OT Learning & Development roundtable. The event brings together the business services professionals to discuss and discover new tools and programs designed to assist bu

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events