The interim results of the Continuity Central business continuity and information security snapshot survey

Published: Tuesday, 15 September 2015 07:48

Business continuity and information security threats and impacts have been increasing in severity; but is this change having an effect on the traditional demarcation lines between business continuity and information security management? Continuity Central is running a survey to look at this issue.

The interim results of the survey show an interesting dichotomy. While 70 percent of respondents see information security as a business continuity issue just 22 percent of business continuity teams are involved in managing information security threats; and only 35 percent of BC teams help respond to information security incidents.

40 percent of respondents believe that information security should be led by a team consisting of representatives from different areas of the organization, and 21 percent think it should be led by the risk management team. Only 15 percent think that information security should be led by the IT department / business unit and just 3 percent think that it should be led by the business continuity team.

When it comes to information security incidents, 50 percent of respondents say that response should be led by a team consisting of representatives from different areas of the organization. 17 percent believe that it should be led by the IT department / business unit and 9 percent believe that the business continuity team should lead the response.

In terms of board responsibility, 14 percent of respondents say that information security management should be led by the board; and 3 percent believe that the board should lead information security incident response.

The survey is still open: please take part at https://www.surveymonkey.com/r/BCandISM