The survey for the report – carried out as part nCircle's 2011 Information Security and Compliance Trend Study – found that the top three security concerns for 2011 were meeting security compliance requirements, cloud computing, and advanced persistent threats.
44% of companies admitted that they ineffectively measure and report on security risk reduction and compliance – a 7% hike on the numbers seen last year.
40% of the 563 respondents polled, meanwhile, said that reducing network and information security risks, as well as demonstrating continuous compliance, continue to be key enterprise security priorities.
Delving into the research reveals that 15% of respondents – more than two and a half times last year’s percentage – believe that external threats are increasing.
According to nCircle, the results of the survey bring the challenges that enterprise security teams face into sharp focus.
Commenting on the results, Elizabeth Ireland, vice president of marketing for nCircle, said that recession continues to impact corporate security.
The results, she added, are not good news because the rapid increase in the threat environment doesn't correlate to an increase in the security initiatives necessary to counter-balance growing risk.
"On a positive note, this is the second consecutive year security teams believe executives are more aware of security risks", she said.
"This trend should translate to greater executive focus on security initiatives, increased support for security policy enforcement and a stronger focus on securing business processes", she added.
Ireland went on to say that greater executive awareness is also likely to bring a deeper focus on measurable results across all security investments.
Security professionals that can accurately measure the performance of security investments and communicate those measurements across the enterprise, she noted, will be in the best position to leverage the increase in executive attention