CSO survey: Companies lack plans in case of terrorist attacks
They appear to be better prepared for cyberattacks and natural disasters
June 9, 2004 12:00 PM ETIDG News Service -
A majority of security executives surveyed said their companies don't have plans to cope with an unconventional terrorist attack, even though most believe that a terrorist attack of some kind is likely to occur in the coming months, according to the results of a poll released by CSO magazine today.
The survey of 476 chief security officers and senior security executives found that 60% believe that a terrorist attack is likely in Boston or New York, which are hosting the Democratic and Republican political conventions this summer, respectively. While 63% of CSOs said their companies have planned for conventional attacks such as bombings or hostage taking, 61% said they haven't planned for unconventional attacks using chemical, biological or nuclear weapons, according to the magazine.
The online survey of CSO subscribers was conducted between April 27 and May 18, 2004, and has a 4.5% margin of error. CSO subscribers were asked their opinions on a number of issues, including terrorism, politics, IT security policy and purchasing decisions.
While planning for unconventional terrorist attacks is rare, the CSOs reported much better preparation for threats such as cyberattacks, natural disasters and violent employees. Ninety-four percent of those surveyed said they have contingency plans in place for natural disasters and 86% for cyberattacks. Eighty percent said their companies are prepared for attacks from violent employees or former employees.
Indeed, the survey showed that companies are quick to slam the door on former employees. Seventy-four percent of those surveyed block network access to e-mail and critical documents within one business day of employees being fired or leaving a company, and 81% block physical access within one business day.
The theft of intellectual property or other proprietary information is also a top concern of CSOs, with 91% saying that managing access to critical information and documents is either "extremely important" or "very important."
The study also showed that those concerns are often well placed. Fifteen percent of the respondents said their employer has lost or had critical documents or corporate information copied without authorization in the past year. Almost a quarter said they could not be sure whether such losses had occurred at their company.
However, concerns about the theft of proprietary information aren't influencing decisions about which security products to buy. Only 11% of the CSOs surveyed said that the theft of intellectual property was the primary factor in security spending, which averaged $16.6 million annually among those surveyed. Instead, the desire to comply with government regulations is a bigger motivator. Forty-nine percent cited "issues
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Security
Additional Resources



Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
The State of PCI DSS Compliance at Organizations Today
Download this resource today!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
