skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration

Ovum view


Despite a continuing string of high-profile information security breaches, many organizations still have a very poor understanding that they will certainly be subject to similar failures. There is also a lack of planning regarding how to react when these events occur. CEOs and executive boards need to ensure that information security is consistently on their agenda, and that there is a clear mandate at a senior level to assess risk, report status, and respond to incidents.

Certainly, most businesses will have the appropriate security solutions in place, and can point to malware detection, firewalls, email security measures, identity and access management, security intelligence, and any number of other elements designed to keep attacks at bay. However, the majority of security breaches are attributable to failure of process, rather than of technology, and organizations need to take an end-to-end business-focused view of their security planning and response.

It is interesting to compare the ways in which we treat financial and information resources within our organizations. The CFO has an absolute mandate to put in place the checks and controls that ensure financial resources are monitored and accounted for to the last penny. This culture is second nature to all employees, in that we know that accurate billing must take place, expenses must be accounted for, and the defined procedures are followed to the letter.

Contrast this with the way that information is treated in most organizations. There is rarely anyone with a clear mandate at a senior level to manage and safeguard information, and very few controls in place that monitor information in any way that mirrors these financial processes. The security measures attempt to erect fences, but they don’t track what happens to the assets that sit behind them. This is somewhat akin to locking the till, but never bothering to count what is in it.

Organizations must therefore put greater emphasis on the value of information assets and the processes in place to protect them, as well as the awareness of these controls by all employees and stakeholders. They must be able to report swiftly, accurately, and simply on the status of these assets and their controls at board level, giving a clear picture of information security risk and response in the context of business operations.

Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.

Recommended Articles

  • Internet of Things

    IoT Viewpoints 2018

    IoT Viewpoints explore the IoT opportunity in 2018 and beyond. Download our latest e-book to get our newest collection of thought leadership articles on the emerging IoT trends, technologies and opportunities.

    Topics IoT

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.

  • Enterprise Services

    5G: Another technology in search of enterprise use cases

    By Evan Kirchheimer 26 Apr 2018

    Service provider interest in justifying 5G investment through its potential to open new revenue streams from the enterprise segment is growing ever greater.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now