A recently published report, Cyber-security – Defending your future, commissioned by specialist recruiter Robert Half has found that one in three (33 per cent) of CIOs say a lack of employee knowledge and skills around data security is the most significant security risk their organisation will face in the next five years.
While traditionally, the response to IT security has been to find the optimum way to protect a business’ assets from external security attacks, a growing risk now faces organisations in the form of potential internal security threats. This threat is made evident by the fact that almost three in four (74 per cent) CIOs allow their employees to access corporate data on their personal devices.
The recruiter snow saying that Hong Kong’s Chief Information Officers (CIOs) are stepping up their fight against the security risks posed by the widespread use of Bring Your Own Device (BYOD) practices, where employees use their own laptops, tablets and smartphones at work.
Adam Johnston, managing director Robert Half Hong Kong said: “With such a highly mobile and device driven workforce in Hong Kong, it is no surprise that companies see potential in boosting productivity and engagement by offering BYOD options. However, these practices pose a significant cyber-security threat and demand that corporate networks and data are protected, that mobile device management strategies are put in place, and that security policies are developed.
“Although it may not be intentional, simple human error can expose companies to increased cyber-attacks and situations where sensitive company data can be compromised. The impact of a data security breach on a company’s reputation can be devastating and it can take years to win back customer confidence, so proactively developing a robust IT security strategy that covers both external and internal risks, should be a top priority.”
To combat the ongoing threat posed by BYOD, nearly all (99 per cent) CIOs are taking steps to protect their company from potential data breaches. 57 per cent have deployed mobile device management technologies to enforce enhanced protection on employee’s mobile devices, while 56 per cent require employees to sign an acceptable use policy. More than half (51 per cent) of CIOs are providing training to their staff on maintaining security with using their mobile devices and more than two in four (45 per cent) are using authentication software.
There is an increased demand for IT security specialists with the niche skills needed to protect companies against data security risks, including risks related to BYOD. But finding the right skillset is a challenge. 98 per cent of Hong Kong CIOs find it challenging to source skilled technology professionals, with almost one in four (23 per cent) saying professionals with mobile security skills are the most in demand.
“Protecting their company from the cyber-threats posed by employees and BYOD is a crucial issue for Hong Kong CIOs. The solution is to treat IT security as a continuous enterprise-wide process while making all employees aware of the risks associated with email, social media and confidential information,” Adam Johnston concluded.