Companies in China and Hong Kong have a false sense of security, said PwC recently when releasing results of its 2012 Global State of Information Security Survey.

While 61 percent of respondent in China and Hong Kong--compared to 43 percent globally--believe that they have an effective security strategy and are proactive, only 13 percent of firms have made the 'leader-cut', according to Kenneth Wong, partner, Risk & Controls Solutions at PwC,.

Wong said the leader-cut firms have an overall information security strategy in place, a CSO or CISO (chief information security officer) or an equivalent executive who reports to the top of an organization, both measured and reviewed security policy effectiveness on an annual basis, and a good understanding of the security breaches facing their organizations in the past year.

The survey was conducted online by PwC, CIO Magazine (, and CSO Magazine ( between February 10 and April 18, 2011, with 13 percent of the 9,600 respondents coming from mainland China and Hong Kong.

"Many organizations in China still lag behind when it comes to aligning and getting an appropriate balance between people, process, and technology in data protection," said Wong.

According to survey results, 51 percent of China and Hong Kong respondents have hired CISOs while 58 percent of firms have CSOs and 56 percent information security consultants.

Among firms in China or Hong Kong that haven't hired security professionals, 38 percent indicate employing a CISO is a top priority in the next 12 months while 30 percent indicate employing a CSO as a top priority and 34 percent aim to hire information security consultants.

When it comes to security spending over the next 12 months, 38 percent of firms in China and Hong Kong said they will up their budget by 11 to 30 percent and 35 percent will up their budget by up to 10 percent, survey results indicated. Only 10 percent of the organizations in China and Hong Kong will increase their security spending by more than 30 percent, PwC noted.