PwC has released its annual Global State of Information Security Survey.
Key findings for New Zealand include:
- New Zealand organisations are much less confident this year that their information security activities are effective. In 2014, 83.3% of New Zealand organisations were confident or somewhat confident, compared to just 64.7% this year.
- Many organisations are emphasising the people side of the information security equation. However, the survey data suggests that New Zealand is slightly behind the curve at board level. Globally, 34.8% of organisations say their board receives information security risk updates at least four times a year. In New Zealand, only 20.6% receive regular updates.
- New Zealand is falling behind global trends in information security spending.
- 43.3% of organisations have indicated that they have a security strategy in place for the cloud, 40% have mobile malware detection and 50.5% use common identity protection. But more than 40% do not currently have an overall strategy that takes into account the holistic needs of the organisation.
- 28% of organisations with a security incident in the past year suffered a loss or damage to internal records; 25.6% saw their brand or reputation compromised; and 18.3% suffered financial loss.
New Zealand respondents ‘ top information security priorities for the coming year are:
- identifying sensitive assets;
- security strategy for mobile devices;
- classifying the business value of data; and
- establishing security and baseline standards for third-party vendors, suppliers, and external partners.