Six Challenges That Keep CIOs, Other IT Pros Up at Night

by Darryl K. Taft

The growing frequency of reported data breaches and the complexity of attack vectors have pushed security to the top of CIOs’ list of concerns. More than half of survey respondents (51 percent) believe security planning should be the last item to receive budget cuts. They report the most common security threats facing their organization are vulnerable Web apps, out-of-date security patches and failure to encrypt sensitive data. Furthermore, 60 percent of respondents said that if they were in charge of their organization’s security, they would enforce stricter security policies.

Respondents identified a lack of security education among their colleagues as a top threat. Nearly two-thirds of the survey respondents (62 percent) said leaving company-issued mobile phones or laptops in vulnerable places is the top employee behavior that poses a security threat, followed by password sharing.

Password hygiene concerns also are keeping IT professionals up at night. Survey respondents reported adjacent letter combinations, a single password for multiple applications and users’ failure to change passwords frequently as top threats.

Two-in-five respondents (42 percent) consider the testing of disaster-recovery plans vital and also among the last line items that should be cut from 2015 IT budgets. Yet when asked which IT vendor is the most undervalued by their organization, disaster-recovery vendors ranked the highest.

The average cost of downtime to companies is $686,000 per hour. Yet companies that adopt strong resiliency plans can expect 90 percent less downtime per event compared with the industry average. Companies that test their disaster-recovery plans regularly can reduce downtime by 75 percent.

One out of two survey respondents believe IT talent gets overlooked. Talent acquisition ranked higher than any other overlooked issue, including data center expansion, shadow IT and others.