Sixty per cent profess to having only “some idea” as to where their customer data is stored and “limited controls” over it.

Brand reputation, risk management and preventing data loss surfaced clearly as the burning concerns of senior security professionals participating in the London meeting of the CSO Interchange, a high level forum geared to discussing hot topics of the day.

Speaking at the event, cross-bench peer, Lord Erroll, a member of the House of Lords Science and Technology Committee, described the recent HMRC data breach as a “godsend”…”with luck the missing CDs have ended up in a landfill site but this fiasco will force the government to start taking security seriously and the powers of the Information Commissioner’s Office will be strengthened.”

Concerns about data loss were clearly a running theme throughout the debate. Although 32 per cent felt they did know where their customer data was being kept and had controls in place. Alarmingly, 9 per cent of those present had not even yet considered data loss as a specific issue.

Philippe Courtot, Chairman and CEO of Qualys and Co-founder of the CSO Interchange, said that more than 70 per cent of the security professionals attending CSO Interchange indicated that securing their networks and therefore the confidentiality of their electronically stored data is now harder than ever.

He added that the HMRC breach and other recent media stories are forcing this in to the open as a public issue. We must take these matters seriously and rethink the way security is provided online.

"Four years ago The Jericho Forum was the first non-government organisation to sound the alarm by suggesting practical and effective solutions for high industry. As yet their call to action has gone unanswered. Now is the time for industry and government alike to seize the initiative,” Courtot said.

Managing risk was clearly seen as being the biggest driver to security strategy and executives know they need to improve at this. Half of those surveyed felt they could do better at articulating the impact of risks within their organisation as well as the impact of mitigating them financially.

There was clear recognition too for the risks posed by insiders within their organisation – with 75% citing this as greater than the risks from outsiders.

The survey found that 50 per cent see Software-as-a-service (SaaS) as displacing enterprise software. Sixty-four per cent see the job of securing their networking environment as harder than one year ago, with the majority seeing time, personnel and budget as the biggest obstacles to doing their job.

Surprisingly, 62 per cent have no real interest yet in environmental issues.

Related articles

• Fasthosts aapologises after sites are hacked
• Half of employers now ban Facebook
• Online sales hit record in July

• CSO Interchange