Indian companies are increasing their information technology (IT) security budgets for 2010. This comes after their decision to cut corners in the security segment last year due to the global recession, said a Deloitte report.
The 2010 Global Security Survey — India Report, conducted by Deloitte Touche Tohmatsu India, said 10 per cent of respondents increased their IT security budgets by more than 10 per cent. And 57 per cent increased their budgets by up to 10 per cent.
The study noted that although 48 per cent organisations in India believe they are “on plan” in dealing with security threats, 44 per cent still believe that they are grappling with security threats.
The survey based on research and detailed interactions reached out to 62 organisations in India, across industry verticals.
“While organisations have taken a step in the right direction by reinforcing budgets towards information security, current strategies may still be inadequate to close the gaps. Aligning with global standards, focus on elements like Identity and Access management is also gathering steam”, said Sundeep Nehra, senior director, Deloitte Touche Tohmatsu India.
Further the report noted that almost half of Indian respondents experienced at least one internal security breach during the past one year in their organisations. Almost 32 per cent of Indian respondents believe their information security professionals lack the competence to handle existing and foreseeable security requirements. Optimistically, information security awareness and training is among the top three security initiatives for the coming year.
Top spending priorities in 2010 include Identity and Access Management (IAM), data protection, security infrastructure improvement, regulatory and legislative compliance, and information security compliance remediation based on the findings of internal and external auditors.
In addition, it has been observed that third-party/vendor-security capabilities are still doubted by a majority organisations in India. This claim is supported by the fact that only 23 per cent of the respondents are very comfortable with the Information Security practices of their vendors. This number is closer to 32 per cent globally.
Moreover, while 29 per cent organisations, globally, require some sort of independent attestations for work outsourced to third-party vendors, only 13 per cent of the respondents in India go in for such independent attestations to understand whether Information Security practices are adequately used within the vendors organisations.
| SECURITY MATTERS # 32% believe their information security professionals lack competence # 44% believe they have to adress security threats more effectively # 23% are comfortable with the Information Security practices of their vendors # 13% in India go in for independent attestations on outsourced work # Information Privacy is still lagging in India |
