India’s security capabilities lead those of the US and most other countries, says PricewaterhouseCoopers /CIO/CSO Magazine’s Global State of Information Security Study 2008

NEW DELHI, 29 October, 2008 – India’s security practices have shown over 100% advancement in last three years, and as a result, India’s security capabilities lead those of the US, UK, and China, according to the 6^th annual Global State of Information Security Survey® 2008. The study – the largest of its kind – was conducted by PricewaterhouseCoopers LLP (PwC) in conjunction with CIO and CSO magazines. The study polled 7,000 information technology executives from 119 countries across all industries on the challenges of protecting corporate information assets.

Boosted primarily by the widespread progress, Indian companies are now at par and many surpass North American companies in establishing leading practices in security, the study found. Companies in South America are making great strides in many critical areas of security and are catching up quickly. Efforts to improve information security in Europe, meanwhile, appear to have stalled.

”India has fared better than global counterparts in terms of strategic initiatives across security domains. Companies in India have not only surpassed their global counterparts in deploying security technology, but also have invested significantly in organisational and process measures” says Sivarama Krishnan, executive director in the security practice of PricewaterhouseCoopers. “We expect the trend to continue given that most of the respondents expect the security spending to increase in next 12 months.”

This year, survey respondents across industries and sectors, countries and regions, business models and company sizes, report strong double-digit advances in implementing new security technologies. Overall, 74% of respondents reported that information security spending will either increase or stay the same over the next 12 months.

According to the survey, business continuity still remains a major driver for security spending. Half of the respondents said that company reputation was a major driver for security spends. More Indian organizations than ever are investing in web site and web services security (65%), wireless and handheld security (42%), VPN (73%), intrusion prevention (69%).

“We know security is on the minds of decision makers around the globe,” says Abbie Lundberg, Editor of CIO magazine. "One question we were interested in this year was where the investment emphasis is being placed. The answer is in technology; now companies need to back that up with an increased focus on ensuring compliance with existing policies and programs.”

In spite of the rapidly evolving maturity of security capabilities, a surprisingly large percentage of respondents “don’t know what they don’t know.” Many respondents cannot answer basic questions about the risks to their company’s key information. Thirty-five percent of respondents aren’t sure how many security incidents their organisations have had in the past 12 months. This number is higher in North America (40%) and Europe (36%) than it is in South America (28%) and Asia (25%). As a result, security remains largely a reactive function of the organisation.

“Companies must decide on the right strategy, engage the right people, target the right data, and employ the right technology effectively. Those that are ready for the surprises will be the ones to succeed,” says Lobel.

To learn more about the survey, including industry specific highlights and further regional information, please visit www.pwc.com/giss2008 .

ENDS

Notes to Editor:

About PricewaterhouseCoopers
PricewaterhouseCoopers Pvt. Ltd. (www.pwc.com/India) provides industry - focused tax and advisory services to build public trust and enhance value for its clients and their stakeholders. PwC professionals work collaboratively using connected thinking to develop fresh perspectives and practical advice. Complementing our depth of industry expertise and breadth of skills is our sound knowledge of the local business environment in India. PricewaterhouseCoopers is committed to working with our clients to deliver the solutions that help them take on the challenges of the ever-changing business environment.

PwC has offices in Ahmedabad, Bangalore, Bhubaneshwar, Chennai, Delhi NCR, Hyderabad, Kolkata, Mumbai, and Pune.

“PricewaterhouseCoopers”, a registered trademark, refers to PricewaterhouseCoopers Private Limited (a limited company in India) or, as the context requires, other member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.
The name PricewaterhouseCoopers is one word, with uppercase P, uppercase C, and all other letters in lower case.

About PricewaterhouseCoopers' Advisory Practice
PricewaterhouseCoopers' business advisory professionals provide clients with the confidence to succeed by helping them anticipate, create and manage change. Whether clients are proactively implementing change or reacting to an unplanned event, we leverage our Firm's resources, deep industry experience, and functional acumen across the areas of operations, finance, organizational strategy and structure, process improvement, human resources optimization, technology integration and implementation, risk mitigation and crisis management to help organizations effect sustainable change.

About CIO and CSO Magazines
CIO and CSO magazines are published by CXO Media Inc., producer of award-winning media properties, executive programs and the CIO Executive Council for corporate officers who use technology and security to thrive and prosper in this new era of business. The CIO portfolio includes CIO.com, CIO magazine (launched in 1987), CIO Executive Programs and the CIO Executive Council. CIO properties provide business technology leaders with analysis and insight on information technology trends and a keen understanding of IT’s role in achieving business goals. The U.S. edition of the magazine and website are recipients of more than 200 awards to date, including the Top B-to-B magazine since 2000 from American Society of Business Publication Editors, two Grand Neals from the Jesse H. Neal National Business Journalism Awards and two Magazine of the Year awards from the National Society of Business Publication Editors.

Launched in 2002 the CSO portfolio includes CSOonline.com, CSO magazine and CSO Executive Programs. The properties provide chief security officers (CSOs) in the public and private sectors with analysis and insight on security trends and a keen understanding of how to develop and implement successful strategies to secure all business assets—from people to information and financial value to physical infrastructure. The US edition of the magazine and website are the recipients of more than 100 awards to date, including the Top B-to-B magazine since 2000 and Magazine of the Year award from the American Society of Business Publication