Making Tough Information Security Spending Decisions: A Key to High Performance in Challenging Times

The budgetary and other pressures of the current economic crisis have added to the complexity of securing an organization’s information. Accenture leverages its research and global experience to help you understand the imperatives and then find a way to balance risk and the need for cost containment.

To receive more Research & Insights, sign up for My Outlook, your single e-mail source for all of Accenture's latest ideas and innovation, personalized specifically to your business interests and the industry issues you face.

Information security has always been a primary focus in the financial services industry. However, the recent economic crisis has dramatically increased the pressure on CIOs to better understand the risks their organizations face and then improve information security to deal with potential vulnerabilities.

Internal fraud and theft as well as increasingly sophisticated cybercrime are continued threats. The Accenture 2009 Global Risk Management Study, based on a survey of more than 250 risk officers and CEOs, shows that compliance and regulatory risk is also expected to increase. At the same time, budgets are constrained as never before, meaning that information security has to be balanced with the need for cost containment. Financial services companies simply must get information security right if they are to stay on the path to achieving high performance.

Given this perspective, an effective approach to information security now needs to be more comprehensive than traditional approaches. Accenture recommends a four-dimensional approach that integrates:

• Policies, standards and processes.
• Security and privacy architectures.
• Governance.
• Leadership and change programs.

Then, a security assessment that focuses on the entire institution must be conducted to give a clearer understanding of the current security and risk situation as well as forming the basis for a plan to close any identified gaps. Cost analysis is also an important step.

Based on its work with clients around the globe and its research into the characteristics of high-performance businesses, Accenture believes that non-discretionary spend should focus on the following key areas:

• Identity and access management.
• Data protection and privacy.
• Application security.
• Infrastructure security.

Other elements identified in the assessment process can form part of a longer-term process.

Contact us to find out how Accenture can help your organization create an effective, realistic information security strategy that will support the drive to achieve high performance.

To receive more Research & Insights, sign up for My Outlook, your single e-mail source for all of Accenture's latest ideas and innovation, personalized specifically to your business interests and the industry issues you face.

Back to Accenture Research & Insights home page