Availability overtakes security as IT concern

In the last year IT has developed a more balanced approach to risk management, with increased emphasis on availability problems as opposed to security, according to a Symantec report.

More than three quarters of IT professionals (78 per cent) thought availability issues were a critical or serious risk to business IT. A smaller number (70 per cent) said that security was serious, despite it often attracting more attention because of its high visibility and impact.

"People are starting to think [of risk management] not just as security," said Darren Thomson, senior director of IT risk management at Symantec. "In the report last year everybody gravitated to security, such as with problems like viruses and malware."

"That hasn't gone away but I think there's a bigger recognition that there are other types of risk that people need to keep on top of, such as availability. For example, what happens if a data centre goes down or if we have a major system failure? What are the procedures and processes if something like that happens?"

Compliance (68 per cent) and performance (70 per cent) were also factors that IT professionals thought were serious or critical risks. The report said that because these percentages were so close to availability and security, it showed businesses were approaching IT better prepared for all the different potential problems that could occur.

"It is encouraging to see Symantec's report highlight that organisations are recognising the criticality of managing IT risks in areas such as availability and performance in addition to security," said Jon Oltsik, senior analyst at Enterprise strategy group. "In today's connected world, businesses are starting to understand that failures across a broad spectrum of systems can impact the business operations and results."

The findings were in the IT risk management report volume two, released by Symantec and which involved the structured survey of 400 IT professionals worldwide. As IT PRO has reported, businesses are taking risk management and governance more seriously.

"Given that businesses are spending as much as 50 per cent of their capital expenditure on IT and that it is critical to any business I can think of, risk management is a topic across the boardroom now," said Thomson.