The highest marks for the Hong Kong government came when measured against other "regional economies," perhaps indicating that respondents were more confident in their neighbors' inabilities to handle similar problems than their own government's capacity to provide leadership.

Industry/government cooperation

Frank Yam, chairperson of the Information Security Specialist Group of the Hong Kong Computer Society (HKCS-ISSG), highlighted the importance of communication between the HKSAR government and the IS industry. "The survey provided valuable information in understanding the needs and desires of IS professionals in Hong Kong," said Yam, who emphasized that the results could be used by the government as a basis to formulate corresponding IS strategies and policies.

"The security issue that concerned most of the [surveyed] IS professionals (91 percent) is the limited actions [taken to] promote the adoption of IT governance and IS standards," said Andy Ho, chairperson of the Professional Information Security Association (PISA). "Most companies and public organizations in Hong Kong, in particular, are not keen to deploy security standards. Over 90 percent of IT professionals believe that internationally recognized IT governance and IS standards, such as COBIT and ISO17799, are not well adopted in [either] the public [or] private sectors."

Ho said that given the role of Hong Kong as an international financial center, and the heavy reliance on information by corporations, it's alarming that the need for security standards has been overlooked. "An information security incident in one organization could very likely have a ripple effect across other critical infrastructures and systems," he said. "Any cyberattack can seriously damage our economy if current IS capabilities are not kept up-to-date with international practices."