Big data policies lacking in Australian and New Zealand organisations: survey

Despite big data being an increasing area of focus, just 22 per cent of Australian and New Zealand IT professionals surveyed in ISACA’s 2013 IT Risk/Reward Barometer are confident their enterprise has a policy regarding how it manages big data. Instead, almost two-thirds (61 per cent) of respondents said their company has no policy around big data – and a further 17 per cent of Australasian IT professionals were unsure.

Furthermore, just 5 per cent of IT professionals say their enterprise is very prepared to ensure effective governance and privacy of big data. The majority, 45 per cent, believe their organisation is “adequately prepared” and one-quarter (25 per cent) said they are “not prepared at all”. Yet, information is currency and enterprises must not only protect and manage it, but also use it to drive business value.

Conducted by ISACA, a global association of 110,000 IT security, assurance, governance and risk professionals, the IT Risk/Reward Barometer asked 2,013 IT professionals about the risks and rewards of key trends, including big data. Big data refers to the exponentially growing bytes of information that are created and collected in today’s digital world, often with datasets so large they require specialist software tools to capture, store, manage and analyse the data.

“While there has been an explosion in the data that organisations collect, the processes to manage, store and ensure the security of such information haven’t been as quick to keep up,” said Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, director of information security and IT assurance at BRM Holdich and International Director of ISACA.

“Australian and New Zealand IT professionals need to ask the tough questions to make certain their enterprises are taking the necessary measures to ensure that governance issues and privacy related concerns are properly addressed, and their systems are as secure as possible.”

When asked what the biggest challenge their enterprise is facing with regards to big data, the most-cited reason from Australian and New Zealand respondents was a lack of analytics capabilities or skills (28 per cent). The management and storage of large volumes of data came second, highlighted by 22 per cent of respondents. Compliance requirements were noted by a further 14 per cent of IT professionals.

To help enterprises meet these challenges, ISACA has released a new guide based on the COBIT 5 business framework, which helps enterprises govern and manage their information—COBIT 5: Enabling Information.

“Companies in all industries and all geographies are struggling with massive volumes of data and increasingly complex compliance requirements,” said Steven De Haes, chair of the publication’s development team. “When governance structures and processes are in place, enterprises are much more equipped to handle these challenges.

“At many enterprises, information is spread across multiple isolated silos, repeated in redundant copies scattered throughout the company, and underutilised,” De Haes continued. “ISACA’s goal is to help companies simplify information governance so that they are not only able to handle the information pouring in from a vast number of channels, but also derive value from it.”

COBIT 5: Enabling Information also helps enterprises deal with three key aspects of big data: fraud detection, IT predictive analytics and marketing situational awareness. It aims to provide readers with three key benefits:

1. A comprehensive information model that includes all aspects of information, including stakeholders, goals and good practices. 2. Guidance on how to use COBIT 5 to address common information governance issues, such as Big Data and privacy concerns. 3. A deep understanding of why information needs to be governed and managed, along with clear guidance on how to accomplish that.

COBIT 5: Enabling Information can be purchased from www.isaca.org/enablinginformation. The COBIT 5 framework can be downloaded free of charge at www.isaca.org/cobit.

Join the CSO newsletter!

Error: Please check your email address.

Tags big data

More about BRM HoldichEnablingISACA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by CSO staff

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place