More than 50% of EMEA Government Organizations Surveyed Do Not Have a Documented and Approved Information Security Strategy in Place, says IDC Government Insights

(PresseBox) ( London, )
In a recent survey conducted across major cities in Europe, IDC Government Insights found that less than half of the respondents' organizations have an official strategy in place to overcome potential information security threats. More insights are revealed in the report, Information Security in the Public Sector: Avoiding the Risk of Non-Compliance and Political Embarrassment (Doc #GITD01T), which sheds light on the fundamental issues around core security initiatives within government organizations across Europe.

The survey report outlines recommendations that will help government IT executives to maximize the benefits of their investments in information security, to minimize the risk of security breaches and other events, while embracing new opportunities, such as cloud, social networking, and mobile devices.

"In a world of changing technologies, increasing threat sophistication and heavy emphasis on data privacy and protection, it is important to sustain investment in information security. Although there is continued pressure to reduce the costs of public administration, ongoing investment in information security is vital. The risk of non-compliance with increasing regulation and legislation as well as the risk of political embarrassment are sufficient to warrant ongoing investment," said Jan Duffy, EMEA research director, IDC Government Insights.

She adds "Even though more than 70% of respondents from EMEA government organizations believe that information security is viewed as a strategic policy and process initiative and not merely as a technology cost, the lack of budgets still appears to be the key barrier to ensuring information security in line with the regulatory pressures."

The survey further reveals that the top security threat perceived by government organizations is employee error or accidental loss of sensitive information. More than 29% of EMEA government organizations considered human error or accidents to be the biggest threat to information security, followed closely with increased proliferation and sophistication of threats. As government organizations prepare to overcome these threats, a security initiative taken by the majority of organizations is protection against viruses.

"The growth of a digital society in the public sector poses security challenges around cloud computing and newer Web technologies. The study confirms that adoption of cloud by government organizations is going to be a slow and considered approach, but it's important for public sector organizations to reevaluate their current security practices. Before adopting cloud services in the organization, it will be important for information officers to ask the hard questions: Which data is sensitive and critical and where does it reside? What are the policies for encryption and data quarantine? What current internal policies and access controls are in place to enable collaboration and email usage? How well equipped, funded and staffed is the internal IT security organization? Can it keep up with the ever increasing external threat sophistication?

"We would advise organizations to apply an enterprisewide information security architecture to security processes, people, and systems if they are to successfully operate new Web technologies and cloud services without a breach of security" concludes Jan Duffy.

The IDC Government Insights report, Information Security in the Public Sector: Avoiding the Risk of Non-Compliance and Political Embarrassment (Doc #GITD01T), covers the fundamental issues around the evolving role of the chief information security officer, government organizations' commitment to information security, and core information technology security initiatives. Also addressed in the document are security risk concerns pertaining to transformational innovation (including the emergence of mobile devices, cloud computing, and the embrace of social networking) and how government organizations are dealing with the perennial threat of security. Finally, it gauges respondents' expectations around changes in IT security budgets over the next 12 months.

To purchase the report, please contact Kanupriya at email: To set up a media interview with Jan Duffy, contact Kanupriya at Reports are available to qualified members of the media.

About IDC Government Insights

IDC Government Insights assists government policy, program, and IT leaders, as well as the suppliers who serve them, in making more effective technology decisions by providing accurate, timely, and insightful fact-based research and consulting services. Staffed by senior analysts with decades of government and IT industry experience, our global research analyzes and advises on business and technology issues facing the Federal/Central and local/provincial Governments. International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology market. IDC is a subsidiary of IDG, the world's leading technology, media, research, and events company. For more information, please visit, email, or call 571.296.8060. Visit the IDC Government Insights Community at
The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material.
The use of information published here for personal information and editorial processing is generally free of charge. Please clarify any copyright issues with the stated publisher before further use. In the event of publication, please send a specimen copy to