As the dust begins to settle on the Sony Pictures Entertainment data breach, we continue to see major threats to corporate digital assets become reality. And they are growing in both size and impact on corporations, well beyond customer personally identifiable information (PII). In Sony Pictures’ case, the breach extended to the very digital assets it produces. So, one has to wonder, are other companies really worried about digital risk?
Well, based on some recent survey data, I’d have to say – yes, they are worried. In fact, several weeks ago, I published an analysis of our annual Gartner IT Risk Management Survey and it contains some telling results. It showed that demands from board members and senior executives for IT risk management data increased dramatically in the past year. In 2013, only 46% of survey respondents noted that IT risk management data influenced board level decision making. However, in 2014, that percentage rose to a whopping 70% (see figure below).
Our research is not alone. Boston Consulting Group also reports that 2014 has seen an increase of 126% in cyber attacks reported by companies, an increase of 83% in references to digital asset security in top broker research and an increase of 9% in worldwide spending in IT security.
So, the challenge for companies now is how to equip themselves for future threats and protect their most vital digital assets. That is also what the focus of our risk management research at Gartner is designed to address. In 2015, we will be investigating how companies are evolving their IT risk management programs to better manage these growing digital risks.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.