In Asia-Pacific (excluding Japan) or APEJ, 17.8% of public sector agencies actively choose to freeze investments in information security or decide not to secure certain public information in order to meet their IT budgets, according to a study by IDC.
The study revealed that half of the respondents are not proactive in preparing for the threats brought on by new technologies.
The study highlighted that to justify investments in information security, regulatory requirements (59%), client requirements (28.2%), and liability and exposure (12.8%) are the leading drivers for the public sector.
In addition, the APEJ public sector is primarily reacting to external factors that demand its efforts in the area of information security rather than adopting a strategic approach.
IDC Government Insights research manager Frank Levering said it appears that awareness of appropriate security policies and best practices is poor among governments in APEJ.
"Where policies and strategies are in place, the gap between best intentions and operational execution is frequently large," Levering said.
"Many public sector agencies appear to lack the tools or processes for basic monitoring of security events, their frequency, nature or source. This is despite the rising security threats brought about by employees connected to the governmental networks using their personal mobile devices.’
