Security: one of the first priorities of Belgian organizations

Following several major security incidents, Belgian companies are increasingly aware that we should not joke with security. Meanwhile, people realize that there is not enough action taken today and that social networks seem to be a weak link in security policies. These are some of the findings from an investigation by the security specialist Bull during the InfoSecurity held in March in Brussels.

126 people in total participated in the survey. This was to ascertain the views of respondents on five scenarios inspired by reality. "We preferred to ask people what they thought about specific cases rather than the abstract question," says Adele Folletti, security practice manager at Bull Belux.

According to respondents, companies invest in resilience mainly due to some spectacular disasters that have already occurred and which had serious implications for security. 55 percent of respondents said that this is the main reason pushing companies to invest in resilience. A third think the main concern relates to the risk of financial loss and degradation of the reputation for breach of the activity. One in five mentions of corporate governance laws like Sarbanes-Oxley, Basel etc.. ... While 15 percent believe that companies review best practices of their competitors to develop their own resilience strategy.

Visitors InfoSecurity also believe that companies conduct a proactive security. Nearly six in ten respondents (59%) believe that companies proactively create business continuity plans, test and implement the appropriate technologies to support these plans. Forty percent say that companies behave in an essentially reactive: they may have some emergency procedures and risk management, but they have no guarantee plan for business continuity or recovery plan after a loss for these procedures.

Companies do very little confidence in cloud solutions for backup and storage. Only 44 percent of respondents say they would opt for the storage and backup in the cloud if they had operational responsibility for an IS department. Among those who rely on technology for cloud storage and backup, eight in ten (79%) would ensure that the system is regularly tested to make sure you can recover all data in case of emergency. Twenty-one percent would rely on contractual agreements with the service provider.

The survey conducted at InfoSecurity reveals that people believe in awareness campaigns to ensure safety. Faced with a scenario in which the company decides to distribute smartphones to all employees, sixty percent of respondents indicate that the security officer should launch an awareness campaign to educate smartphone users not to exchange information sensitive through such devices. Ten percent would simply trust the existing security framework; to thirty percent of respondents, the security officer should stop the deployment of smartphones, run an analysis and review the existing security framework.

Social networks seem to be one of the weakest links of security firms. According to respondents, one in five is likely to directly share on social networks of the secrets of his company on a technological example, while forty-three percent would share such information through private messages in the part of direct talks. The survey participants believe that only thirty-seven percent would not disclose such information confidential.

"This survey clearly shows that organizations conduct an active debate about their security strategy," concluded Adele Folletti. "The security constraints are increasing day by day, often for reasons of compliance with rules and laws. By helping organizations to implement security mechanisms that focus on operational, customers are no longer forced to choose between trust and productivity. With Bull, computer security is actively involved in promoting the development of business activity of a company. "