IT security programmes being delayed by board hold-ups

Two-thirds of UK firms believe their security programme is now "continuously reactive". UK firms are split between a desire protect their products or their business when it comes to security priorities, according to new research. A report from Optiv found that many UK IT security decision makers feel a lack of proper security focus and understanding in their business is harming overall growth potential. Overall, nearly three in five IT leaders felt a lack of board understanding of security priories was making it impossible to get approval for their work, a critical issue when over half (56 percent) of firms required board sign off to begin their security programmes. This led to only 23 percent saying they felt the rest of their business understands the security strategy extremely well. This constant need to stay on top of industry-wide issues alongside specific company priorities led nearly two out of three firms to say their security programme was "continuously reactive" in order to deal with constantly changing legislation, threats, and other external factors.