Will companies ever learn?
Published: 12 March 2002 17:05 GMT
Only 53 per cent of UK companies have business continuity plans in place. Only half of those have ever been tested.
Looked at in a different light, that means only a rather pathetic one quarter (roughly speaking) of businesses have any idea whether they'd survive a major security breach.
Ernst & Young looks at this issue every year, with the research consistently revealing security simply isn't seen as a key business issue. It never has been and - despite the hype, the hacks, the viruses and certain terrorist-led disasters proving the need for business continuity - it looks like it never will be.
But how can it be anything but a hugely important part of a company's strategy?
Ernst & Young's survey shows security is consigned to the IT ghetto. Any spend devoted to it comes out of the IT budget. It is not discussed at board level. Ergo, it is not given the treatment it deserves.
And why is that? Well, for fear of sounding like a broken record, IT still isn't represented on the board of most companies.
Just this week, silicon.com interviewed David Rippon, the technology chief of Landsecurities and head of IT directors' group Elite (http://www.silicon.com/a51924 ). He put some of the blame for this lack of representation on the inability of his peers to raise their profile within businesses.
He said: "[They need to develop] closer relationships with the people who run and manage the business so that they turn to you naturally for advice. And when they turn to you for advice, you can express that advice in a non-technical way that draws on experiences inside and outside your organisation."
Easier said than done. But if you're struggling to be heard by a CEO who thinks security should remain in the IT ghetto (if not ignored altogether), try sending him or her an email. Avoid techno-babble. Keep it simple. Try a subject line like "We're about to go out of business," and add: "You do know that we'd never recover if we were hit by a virus attack/flood/power cut/11 September-style attack, don't you?"
That might get their attention. If not, you'll have to resort to that old favourite security policy: keeping your fingers crossed.
My NHS client urgently requires an Emergency Planning/Business Continuity specialist to provide cover for a gap that has arisen in the team due to ...
*To lead on ensuring that the required polices and strategic plans are developed and implemented supported by exercises and training programmes for ...
You will be developing high value relationships with directors, MD's and CEO's and looking to secure multi-million pound accounts. You will be given ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
The Round-Up The Weekly Round-Up: 27.11.09 Sorry gran!
The Round-Up The Weekly Round-Up: 20.11.09 Do you need to shape up?