News

Report: IT Security Hindering Innovation

New research finds organizations are struggling to strike the right balance between driving new innovations to market and instituting effective IT security practices

By Ross O. Storey, MIS Asia

October 06, 2008 — CSO —

Organizations are struggling to strike the right balance between driving new innovations to market and instituting effective IT security practices, according to new research by IDC.

Commissioned by RSA, the Security Division of EMC, the research has found that

IT security risk is impeding business innovation. Information security concerns have caused 80 percent of those surveyed, to back away from new innovation opportunities.

IDC also found that although 80 percent of CEOs believe their security teams are being held formally accountable for their contributions to business growth and innovation, only 44 percent of security leaders believe they are being measured on their contributions to innovation.

This finding points to a surprising lack of alignment between the expectations of C-level management and the priorities of security professionals.

Poor transition

Only 21 per cent of respondents believe their organizations have successfully made the transition to an approach that is proactive and business-aligned, and enables rather than impedes innovation.

IDC Vice President, Chris Christiansen said that today's businesses cannot grow in the absence of a healthy environment for the realization of new innovations.

"It is evident that in spite of some good progress, the relationship between innovation and security is still very strained," Christiansen said. "The reality is that innovation and security don't need to be competing priorities; they are in fact complementary.

"In the end, we believe organizations that demand early IT involvement in business innovation efforts and lay out explicit business innovation metrics for their security teams have a much better chance of advancing their overall organizational goals."