Implementing or improving Data Leakage Prevention (DLP) technologies is a key strategy, with 43 per cent planning increased investment, and was identified by 40 per cent of respondents as one of their top three priorities over the next 12 months (Ernst & Young 2009 Global Information Security Survey)

However, encryption is seeing surprisingly low deployment levels, with a mere 41 per cent of respondents currently encrypting their laptops, and only 17 per cent planning to do so in the next year. Similarly, email encryption is at 35 per cent, with a 5 per cent minority planning to do so in the next year.

Richard Brown, IT risk advisory partner, Ernst & Young, said: “It’s interesting that there is an adoption barrier here, which we believe may be down to a variety of factors. Standardisation of hardware is a potential issue, as are global legislative variations. Cost may be a factor, and differing levels of maturity may be playing a part too. It’s likely that many enterprises recognise the value of laptop encryption, but are playing a longer game to ensure that peripherals and third parties can be included in a larger implementation.”

The survey also found that a huge 75 per cent of respondents are concerned with possible reprisals from employees who have recently left their organisations. Furthermore, 42 per cent of respondents are already trying to understand the potential risks related to this issue and 26 per cent are already taking steps to mitigate them.  

Brown continued: “Increasingly, the employer’s IT system has become a common target and data theft is also prevalent. It is paramount that companies undertake a specific risk assessment exercise to identify their potential exposure and put in place appropriate risk-based responses.”

The Ernst & Young 2009 Global Information Security Survey canvassed the views of 1,900 senior executives in more than 60 countries.