With information security and data privacy vulnerabilities no longer just technical issues, top priorities for companies going through transformations are shifting towards mitigating and combating security risks, a recent research from Protiviti finds. Top priorities of the companies surveyed relate to virtualisation at #1, cyber related issues at #2 and wider IT infrastructure and governance concerns.
In a recently released survey from consulting firm Protiviti, titled ‘2015 IT Priorities Survey’, the priorities of IT departments of companies that undergo major changes and technology upgrades are measured. The survey involved 1,073 participants, that were predominantly IT managers (48%), IT VP/Directors (27%) and CIO (7%) among others (18%). The organisations surveyed were for 97% in the US, and spanned the revenue range – with 10% more than $20 billion and 15% less than $100 million.
Respondents were asked to rate, on a scale of 1 to 10, the level of priority for them and their organisations to improve in different issues and capabilities. The authors classified each issue and capability with an index of 6.0 or higher as a ‘Significant Priority’ for IT functions, those with an index of 4.5 through 5.9 are classified as a ‘Moderate Priority’ and those with an index of 4.4 or lower are classified as a ‘Low Priority.’
The percentage of organisations undergoing a ‘major IT transformation’ stood at 60%, and for the second year running were the majority of surveyed firms. Of these, 54% expect their transformation to take a year or longer, with the level of disruption that the reorganisation is expected to force on their organisation at an average of 6.4 on the survey scale.
The most cited major reason by the firms for their transformation is cost/simplification (64%), followed by new functionality (55%), service assurance (47%), while 43% cited the adoption of new technology as the major reason. Only 34% cited time to market/agility as a major factor.
Top priorities for 2015
According to the report almost all of the top priorities for 2015 are up considerably compared to 2014, with the top priority the virtualisation up from 6.5 in 2014 to 7.3 in 2015. The second biggest priority for organisations is Virus/malware advanced threat detection/eradication, rated of 7.1. As high profile hacks and the continued sophistication of cyber-criminals are ‘threatening to blow the lid off organisational cyber security defences. Defending against these predators is consuming large amounts of IT hours and resources at a time when a majority of organisations are undergoing a major IT transformation’, cyber security remains a top priority in 2015.
Tied for third place are data breach and privacy laws compliance, increasing from 6.2 last year to 7.0 this year; incidence responses to attacks, involving containment and recovery, up from 6.3; the monitoring of security events; and enterprise architecture too. The tie for 7th place – which includes 7 items with an index score of 6.9 – go mainly to IT management and governance, with further IT security issues, such as vulnerability scanning and incidence response and reaction too rating highly.
Commenting on these results, Kurt Underwood, a Managing Director with Protiviti and Global Leader of the IT consulting Practice, says: “Gone are the days where information security and data privacy vulnerabilities are viewed as just technical issues. Today, these challenges include critical business policy, governance, compliance and communications that must be addressed across the enterprise, placing even more responsibilities on the shoulders of executive management. Our survey findings show that organisations going through major transformations see the need to elevate more of their attention and budgets toward mitigating and combating security risks as they seek to enhance and protect the value of their businesses with technology.”