ISLANDIA, N.Y. -- CA (NYSE: CA - News) today announced a new security survey of 642 large North American organizations which shows that more than 84% experienced a security incident over the past 12 months and that the number of breaches continues to rise.
According to the findings, security breaches have increased 17% since 2003. As a result, 54% of organizations reported lost workforce productivity; 25% reported public embarrassment, loss of trust/confidence and damage to reputation; and 20% reported losses in revenue, customers or other tangible assets. Of the organizations which experienced a security breach, 38% suffered an internal breach of security.
In addition, the findings indicate that security isn't being taken seriously enough at all levels of an organization, especially in the financial service industry. Nearly 40% of respondents indicated that their organizations don't take IT security risk management seriously at all levels, while 37% believe their organization's security spending is too low. Only 1% believe it is too high.
Despite these findings, the survey revealed that organizations are taking steps to improve security. The three most important cited security steps were documenting security policies (88%), creating security education policies for employees (83%) and creating a Chief Information Security Officer position (68%) within the organization.
The survey also found that a lack of centralized security administration is affecting employee productivity. Only 6% of the organizations were able to provide new employees or contractors with access to all the applications or systems they require on their first day of work.
"These survey results demonstrate that even though organizations are investing in security technologies, they still aren't achieving the results they seek," said Toby Weiss, senior vice president and general manager of CA's Security Management Business Unit. "Clearly, more work needs to be done in terms of both improved security management itself and better education of business users about the importance of IT security best practices."
CA Inc. (NYSE: CA)