SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
ManageEngine survey hints that IT is more involved in business & security decisions
Mon, 22nd May 2017
FYI, this story is more than a year old

Australian IT companies are concerned that while they are experiencing successful alignment between business operations and IT departments, security still remains a top concern.

According to ManageEngine's survey of 152 companies, organisations understanding that aligning people is crucial to aligning IT departments and lines of business.

However, there is still work to be done around IT departments' involvement in business decisions. 33% of respondents said their IT department is regularly involved, and 40% said they are sometimes involved.

But the lack of involvement may not be due to a lack of knowledge: 78% of respondents said that IT managers have a good understanding of business, and 66% of business managers said they have a good understanding of IT.

“This survey shows that business-IT alignment is far more than a buzz term in Australia. It's clearly a corporate cornerstone given how Australian IT managers and business managers collaborate and invest in each other's area of expertise and how that collaboration and investment benefits the company overall,” comments ManageEngine's president Raj Sabhlok.

The survey also found that 43% of respondents thought they are exposed to the same level of cyber risk as last year, and 28% believe they are more at risk.

Those risks consist of cyber attacks (57%), data theft by outsiders or unauthorised use of data by an inside employee.

76% of those who had experienced a cyber attack said that they had been attacked between one and five times. 12% had experienced attacks between six and ten times.

59% of respondents said they had experienced unauthorised data access between one and five times. 29% said it had happened between six and ten times.

What does all this mean? Sabhok says there is work to be done, especially around mobile devices and shadow IT.

"If basic steps such as installing patches and regularly updating passwords are not being undertaken, this poses unnecessary extra risks for an organisation,” he comments.

85% of respondents allow remote access to company data and 84% provide a mobile device exactly for that purpose.

47% of businesses either ‘never' or ‘only occasionally' automatically install security patches and updates.

While security is a priority, it seems that respondents are also focused on enterprise cloud, with most (34%) adopting the public cloud. 32% chose hybrid cloud and 18% chose a private cloud-only approach.

Google Cloud took out the top spot for public cloud platforms. Organisations see cloud as a positive for sales and marketing (62%), business processes (54%) and collaboration tools (54%).