As the dust begins to settle on the Sony Pictures Entertainment data breach, we continue to see major threats to corporate digital assets become reality. And they are growing in both size and impact on corporations, well beyond customer personally identifiable information (PII). In Sony Pictures’ case, the breach extended to the very digital assets it produces. So, one has to wonder, are other companies really worried about digital risk?
Well, based on some recent survey data, I’d have to say – yes, they are worried. In fact, several weeks ago, I published an analysis of our annual Gartner IT Risk Management Survey and it contains some telling results. It showed that demands from board members and senior executives for IT risk management data increased dramatically in the past year. In 2013, only 46% of survey respondents noted that IT risk management data influenced board level decision making. However, in 2014, that percentage rose to a whopping 70% (see figure below).
Our research is not alone. Boston Consulting Group also reports that 2014 has seen an increase of 126% in cyber attacks reported by companies, an increase of 83% in references to digital asset security in top broker research and an increase of 9% in worldwide spending in IT security.
So, the challenge for companies now is how to equip themselves for future threats and protect their most vital digital assets. That is also what the focus of our risk management research at Gartner is designed to address. In 2015, we will be investigating how companies are evolving their IT risk management programs to better manage these growing digital risks.