The State of IT Security in Malaysia
IT security is at the forefront of many businesses across the world and has emerged as top concern of business leaders in Malaysia in 2016. The increase in high profile hacks globally and in the Asia Pacific markets, the emergence of various types of ransom based attacks and the concern about supply chain originated attacks have made this topic a boardroom discussion. Complicating the issue is the need to transform businesses to take full advantage of the 3rd Platform technologies of cloud computing, mobile computing, Big Data and social business platforms, each of which bring with them a new set of security concerns.
Globally, IDC has observed legislation that will impact local organizations with operations in Europe and the United States, and the potential to be incorporated into local legislation is high. With fines as high as 500 million euros, the concern is very real and highly financially motivated.
As a result, organizations of all types are seeking a more robust security strategy, one that provides not only enhanced perimeter protection, but that also takes into account that the perimeter has already been breached, and permits organizations to monitor internal systems and networks equally. However, as the benchmark indicates, not many organizations have this level of maturity to date, creating an environment that is not online insecure, but one where the business is not fully trained to cope with the impact of a breach, relying instead on IT teams alone to handle this organization-wide challenge.
A mature security program is represented by a complex interplay of technology, processes, and people governed by risk management capabilities and driven by a vision that enables an organization to safely make its digital transformation. IDC has developed the IT Security MaturityScape Benchmark to help business and IT leaders understand and cope with the challenges and opportunities that digital transformation can bring to their enterprises. The current research provides objective data to help organizations identify the key capabilities that distinguish organizations whose security efforts have met or exceeded their overall expectations from their peers whose security efforts have fallen short...click to read more.