Latest News  

More than half of Romanian companies plan cybersecurity budget increase

According to a joint PwC Romania and Microsoft Romania survey launched recently, "Security in the Digital World", investments in cybersecurity are mostly driven by regulatory requirements instead of the organizations awareness of the actual and ongoing IT security threats. On the plus side, companies acting in highly regulated sectors such as the financial industry, for example, are usually better prepared to tackle cyber threats.

2017-06-12 20:26:11

Almost 60 per cent of the organizations responding to this survey are planning to increase their cybersecurity budget in the next financial year, with 20% counting on maintaining the current spending level, while 23% still don't not have a clear picture as to their next year's budget.
With 40 percent of the surveyed Romanian companies not having a formal cybersecurity strategy, and only 10% having reached a maturity level where the strategy is defined, implemented and optimised, the study reveals the fact that information security is not yet fully understood and supported at Board of Directors level.

"Information Security Officer appears not to be heard at Board level unless there is a crisis or a compliance issue – they need more support, including hiring more resources or acquiring security intelligence, as technology is a business wide matter today – information security risks are business wide risks" stated Mircea Bozga, Risk Assurance Partner, PwC Romania.

While relying mostly on internal existing resources, organizations in Romania responding to this survey need to scale up their information security intelligence This remains a hallmark of emerging markets, with the more mature organizations from developed economies relying more heavily on external specialized cyber security providers. As the Romanian companies grow and are confronted with more and more sophisticated cyber threats as well as more stringent regulatory requirements, it is likely that they will address the challenge by engaging specialized IT security providers and exploring the benefits of cloud computing.

In terms of perceived cybersecurity challenges, 87% of respondents declared that they are preoccupied with potential data leaks, 73% worry about malware (including ransomware), 70% are concerned about potential disruptions in business continuity, with another 70% preoccupied to ensure protection against targeted attacks.

"With less than 1 year until enforcement the European Directive for the General Data Protection Regulation (GDPR) is becoming an increasing concern for local organizations. However, the study reveals that very few respondents have already created an execution plan in relation to the provisions of the GDPR", stated Oana Terteleac, Digital Sales Incubation Unit Lead Microsoft Romania.
As for the potential factors that could have a positive effect on cybersecurity, vast majority of respondents considered that increasing awareness (including training) of the employees regarding threats combined with increasing awareness and support of the management board are critical factors to improve digital security. Another positive factor is considered the enforcement of regulatory requirements as a major driver to improve digital security (77%). This may reflect the compliance requirements they are faced with, especially in highly regulated markets.

The need to hire additional security resources (67%) and to exchange security information with others (57%) were also considered by the large majority of respondents very important to improve digital security. This may reflect the current understaffed state of security in most of organizations and the hope that the experience of others may help.

When we discuss infrastructure security, 3 areas of priority emerge, focusing on data backup/ recovery, DLP and IAM.

Most of respondents would invest in data backup / recovery process (20%), improving access management to systems (19 per cent) and data leak prevention solutions (16%). This may show that respondents prefer to invest in areas that have a quick and major impact on their security risk posture, access and data protection.
More than two thirds of respondents use a Data Loss Prevention (DLP) solution and this points out that DLP became a common security measure, similar with antivirus solutions. On the other hand, almost one fifth of respondents are not using a DLP solution. A possible explanation may be the lack of an information classification policy.

One challenge raising increased interest is related to how companies address access control. Across the entire organization, managing identity and controlling access are topics that encourage more companies to go for Identity Access Management "IAM" solution, with almost two thirds of respondents having implemented or planning to implement solutions to manage access across the entire ecosystem (Identity Access Management "IAM" solution).

In order to improve their information security, PwC and Microsoft recommend the following actions to be considered by organizations:
• Have adequately scaled resources ( the specialized personnel enabled by the right technologies and guided by validated processes) responsible for reporting to an information security officer CISO (chief information security officer). The CISO should report directly to the Board of Directors or to one of the Board Members.
• Perform regular security assessments including information security strategy and vulnerability assessments, by using independent external providers
• A thorough assessment of the cloud computing services should be undertaken to identify the benefits of cloud services for security, privacy and compliance
• Invest in employees training and awareness programmes related to information security. It is a critical success factor in every security programs

• Robust business continuity planning and exercising – ensuring that individual user systems and key servers can be restored rapidly from backups, and that the frequency of backups aligns to the volume of data your organisation is prepared to lose in the event of any system being rendered unusable;

• Crisis and incident response planning and exercising – ensuring that there are formal procedures in which employees and those responsible for the management of high priority incidents are well versed to streamline the organisation's reaction to unexpected events and its ability to restore service to employees and customers;

• Strong security hygiene policies and user awareness – preventing malware entering your IT environment through the most common delivery vector, phishing, by enforcing strong controls at your email gateways, and developing vigilant employees through robust awareness campaigns;

• Rigorous patch and robust vulnerability management programme will help reduce the likelihood of exploitation.


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Businesses struggle to protect sensitive cloud data according to new Oracle and KPMG Cloud Threat Report

Despite defined security policies, eight in 10 organizations worry about employee compliance and four in 10 say detecting and responding to cloud security incidents is a top cyber security challenge

 Read Full article »
Next Generation Shared Services Roadshow at Bucharest: innovative solutions and best-practices in SSC industry

The series of Next Generation Shared Services Roadshow event organized by SSC Heroes and Kinnarps Kinnarps in four cities in Central and Eastern Europe, brought in April at Bucharest a strong panel of leaders i

 Read Full article »
Automation will change the labor market and skills landscape in Romania

A share of 81 per cent of Romanian employers globally say their headcount will increase or remain flat in the next two years because of automation, in line with the 86 per cent employers globally providing the

 Read Full article »
The most appreciated companies from the outsourcing industry, awarded at ABSL Gala 2018 Romania

The most appreciated companies in the outsourcing industry were awarded last night, at the ABSL Romania Awards Gala, a recent announcement of the company stated.

 Read Full article »
Cybersecurity Tech Accord: 34 leading companies sign pledge to fight cyberattacks to promise equal protection for customers worldwide

Companies across every layer of internet communication vow to defend against misuse of their technology; promise to protect all customers regardless of nationality, geography or attack motivation.

 Read Full article »
Accenture study finds 87 percent of focused cyberattacks are prevented

With ransomware and distributed denial of service (DDoS) attacks on the rise, the average number of focused cyberattacks per organization has more than doubled this year compared to the previous 12 months (232

 Read Full article »
Romanian software group expands to Bulgaria

Romanian group Global Technical Systems, which specializes in software development and providing technological solutions for building efficiency and security infrastructures, aims to double its turnover this ye

 Read Full article »
Vodafone Survey: Romanian youngsters would rather work for themselves, than for a company

Romania ranks first in terms of percentage of youngsters who would rather work for themselves/be an entrepreneur than for a company, with 51 percent expressing this preference, according to Vodafone survey.

 Read Full article »
Bucharest office market: Over 30 per cent of the demand came from the companies that moved from old buildings in modern projects

Companies have rented in the first quarter almost 70,000 square meters of office space in Bucharest, one third of the demand came from companies that formerly had its headquarters in old, small buildings or in

 Read Full article »
ABSL Romania: The Business Services sector has thousands of jobs available for young professionals

The Association of Business Service Leaders in Romania (ABSL) announces thousands of positions available for young professionals with little to entry-level experience in the business services sector. Accounting

 Read Full article »
 
 
MOST READ ARTICLES
» The most appreciated companies from th...
» Romanian software group expands to Bul...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Romanian Outsourcing & Shared Services...
» DTZ: Office demand outside Bucharest t...
» Romania, Europe's third and world's 13...
» Accenture study finds 87 percent of fo...
» Molson Coors started to grow its busin...
» Capgemini to open new office at Suceav...
» EXCLUSIVE: ABSL Timisoara - BPO and SS...
 
EDITOR CHOICE
Romanian Outsourcing & Shared Services Summit: In the search of the best strategy to stay relevant

Currently, according to companies operating in outsourcing and business shared services in Romania, there is an intense discussion regarding the availability of prepared workforce in the industry. Even if the c

 Read Full article »
Romanian Outsourcing & Shared Services Summit: The need for dialogue of stakeholders

On March 22nd, at Athénée Palace Hilton in Bucharest, the Fourth Edition of Romanian Outsourcing & Shared Services Summit hosted the annual get-together of professionals in outsourcing and business shared ser

 Read Full article »
The voting for The Brand of the Year 2018 in Outsourcing and Shared Services is now open!

Outsourcing Today presents the fourth edition of the annual Romanian Outsourcing & Shared Services Awards, the event that recognizes, rewards and celebrates the success of the most prominent companies acting in

 Read Full article »
Romanian Outsourcing & Shared Services Summit: The very definition of millennials is change

Adapting to future workforce trends whilst balancing intelligent automation, digitalization, and millennial teams was one of the most discussed topic of the second session of the Fourth Edition of Romanian Outs

 Read Full article »
Stefanini invests in AI and reinforces Sophie's capabilities

Recently, Stefanini announced it is reinforcing its investments in Sophie, an artificial intelligence platform with the ability to turn data into valuable solutions. Fully developed within Stefanini's research

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events