IT security investment decisions have found their way up to the C-suite in Hong Kong, according to a survey conducted by Frost & Sullivan Southeast Asia.
Commissioned by Fortinet in October, the survey polled 300 senior technology executives in Hong Kong, Malaysia, Singapore and Thailand. Among the 75 respondents from Hong Kong, 77% of them state the company's CEO is making IT decisions, with only 36% of technology executives stating themselves as the key decision makers.
"The impact of a security breach on business is real and broad, and management wants to be proactively involved in preventing it," said Edison Yu, associate director, ICT practice Frost & Sullivan Asia Pacific. "As IT security starts to be treated as a business risk, we see it becoming an integral part of organizations' risk management strategies."
Customer satisfaction trumps compliance
The survey also indicated customer satisfaction has overtaken compliance and risk reduction as the leading driver for enterprise in Asia to adopt IT security. Yu said the finding demonstrates the strategic role of IT security in businesses.
Although Singapore executives continued to rank risk reduction as the top driver for security investment, customer satisfaction is a close second. In Hong Kong, technology executives ranked employee productivity concerns as the top driver, suggesting a relatively receptive attitude towards trends like BYOD.
"The finding suggests that organizations in the region have moved from implementing IT security to comply with rules and policies to leveraging it in a more strategic manner," Yu said. "This is a healthy development that bodes well for enterprises' long-term prospects."
Data centers take on security
Regarding security operations, a significant number of respondents from Hong Kong (14.7%) indicated they prefer their data centers to take the role as security operation center (SOC). This trend is less significant in Singapore, with only 10.7% stating the same.
"Using the data center as their new SOC is a logical extension and a good way to maximize the value of their data center investment," said Yu. "This aspiration is consistent with organizations' rising adoption of private clouds to consolidate IT in the data center."
In terms of security technologies, both Hong Kong and Singapore tech executives ranked application security as the most critical. Meanwhile, network security is ranked at high position among enterprises in Thailand and Malaysia.
"The C-suites are rethinking and reviewing their approach to IT security," said George Chang, Fortinet's VP for Southeast Asia & Hong Kong. "Their realization that IT security is a business enabler rather than an infrastructure cost will pave the way for a more secure environment."