Can businesses manage information risk and capitalise on the value of their information? Iron Mountain in conjunction with PwC has just published the figures for the third annual Information Risk Maturity Index. This year, the mid-market report involves 1,800 organisations located in Europe and, for the first time, North America. The report’s conclusions were surprising:
- Size and location don’t matter.
Companies in all sectors and geographies are struggling to manage information risk. As the variety, volume and velocity of information increases, so does the potential for risk.
- Information has value, but. . .
Companies recognise the opportunity in their information but struggle to find and use it to add value. Only around a quarter of the companies surveyed use information to increase their speed to market, and even fewer use information to boost service development cycles. Read our press release on this topic.
- Information risk is largely an IT-only issue.
Very few organisations distribute the responsibility for information throughout the business to include all employees who create and use it to do their jobs.
- The infosec challenge on paper.
For most of the organisations surveyed, the biggest information risk they face is not cyber threats or malware, but their paper-based information. The majority of businesses (62% in the mid-market and 58% of companies with more than 2500 employees) ranked paper records as the greatest threat to their information security.