About 50% of the surveyed respondents reported their customers seeking the firm’s security measures in the past 12 months
Several IT suppliers are overlooking the client information security despite growing concern of cyber security by customers, according to a new report.
According to IT Governance’s international ‘Boardroom Cyber Watch’ survey based on senior executive opinion about cyber security, about 74% of respondents reported that customers prefer to cope with suppliers with proven IT security credentials.
About 50% of the surveyed reported that customers have asked about the firm’s security measures in the past 12 months.
IT Governance founder and executive chairman Alan Calder said that when deciding on IT investments, it’s important to recognise that information security is about far more than shoring the company up against cybercrime.
"Rather than viewing the ability to offer proven information security credentials as an unwelcome cost, it should be seen as a competitive advantage," Calder said.
"Indeed, given that a globally recognised best practise framework for addressing the risks related to systems, people and technology already exists in the shape of ISO/IEC 27001, it’s surprising to see such a large number of suppliers still resisting the opportunity to demonstrate their credibility."
The report revealed that majority of respondents have still to adopt the security, while complying with international best practise standards.
Despite the 87% of participating organisations know about ISO/IEC 27001, about 35% of surveyed had met the requirements.
About 40% of senior executives and IT professionals noted either wrong level investments in information security or were not sure whether their investment is appropriate.
"In the face of constantly evolving new threats around the globe, the need for increased compliance is a fact of life," Calder said.
"Companies must therefore ensure that their defences are in a state of constant evolution – so much so that any organisation which handles customers’ personal data, for example, but is not compliant with ISO27001, is at risk of displaying overt negligence."
"If you’re serious about giving your company cast-iron security credentials, it’s essential to implement and maintain compliance with an internationally recognised security standard.
"Compliance doesn’t just open the door to more business; it allows you to sleep more soundly at night."