90.2% of CIOs say their domestic security measures are adequate
82.2 % of IT executives say their companies have an information security policy
28.4% of companies do not have a security officer
43.7% of IT executives expect their companies security spending to increase
40.2% have cancelled plans to increase security due to user complaints
The vast majority of the more than 600 IT executives polled for this months CIO Insight survey on security management say their domestic security preparations in the face of threats to their information systems are adequate. And yet more than 40 percent expect their spending on IT security to rise. Meanwhile, the results of the survey suggest that the level of concern with security generally has dropped since Sept. 11—the percentage of companies with information security and business continuity plans has not increased since a year ago, for instance—its still hovering at about 80 percent and 75 percent, respectively. Yet IT executives still complain about the difficulty of educating employees about security and enforcing security policy. Whats wrong with this picture?