Press Release


 ISACA Finds UK Organisations Are Cautious About Augmented Reality, Despite Business Benefits 

Rolling Meadows, IL, USA (14 Nov 2016) — Awareness of augmented reality (AR) grew rapidly this year with the popularity of the Pokémon Go game, which many organisations quickly leveraged as an opportunity to attract customers. However, a new study of more than 6,500 business and IT professionals from global business technology and cybersecurity association ISACA shows UK organisations are still hesitant to use it for business purposes.

Only 18 percent of the 363 UK professionals surveyed are convinced that the benefits of AR outweigh the risks—the majority remain unsure. This number is 21 percent globally, indicating that the security concerns related to the adoption of AR are a widespread trend across the world. Additionally, 41 percent say their organisations do not use AR in the workplace and have no plans to do so over the next year.

“We expect to see these numbers change in the very near future as businesses begin to view AR as a valuable technology that results in positive business outcomes, including improved training, education, marketing and customer experience,” said Rob Clyde, board director of ISACA and executive advisor at BullGuard Software.

For now, security concerns are among the top barriers to adoption of AR, along with worries about insufficient ROI. Additionally, among UK technology professionals:

  • 63 percent say their organisation does not have a policy to address the use of AR apps in the workplace.
  • 4 in 10 say both organisations and consumers should be very concerned about the privacy risks associated with AR.
  • Only 17 percent have used AR outside of work.

However, even those who aren’t actively using AR need to be monitoring it, says Clyde. Virtual graffiti apps using AR technology can deface buildings, landmarks and other surfaces with negative, unauthorized imagery. Fifty-four percent of UK consumers believe that their current workplace is vulnerable to “virtual graffiti” attacks, yet only 3 percent of UK technology professionals say their organisation has a programme in place to monitor them.

ISACA’s annual IT Risk/Reward Barometer polls thousands of technology professionals and consumers worldwide to uncover attitudes and behaviors about essential technologies and information, and the trade-offs organizations and consumers must make in weighing both the benefits and potential threats. This year’s five-country consumer study – conducted in the US, UK, Australia, India and Singapore – focused on IoT devices and those enhanced with AR.

More than three in four consumers in each region surveyed are concerned that these enhancements may make their devices more vulnerable to a privacy breach, including 76 percent in the UK.

Still, the potential upside of AR is evident. A recent estimate from Goldman Sachs predicts that the hardware and software market for augmented reality and virtual reality will grow to over £65 billion by 2025.* Despite most respondents reporting low confidence in their knowledge of AR-technology, there is a growing awareness of the potential benefits, with more than 60 percent of UK employees agreeing that AR-enhanced devices can be beneficial at home and in the workplace.

To help organisations overcome the barriers to adopting AR and monitor AR apps that could impact their business, ISACA offers the following recommendations:

  • Extend social media monitoring to AR platforms. Leverage and extend current social media policies and monitoring to augmented reality platforms.
  • Consider how AR can improve your business. Training, diagnostics and marketing are three areas with particularly strong potential.
  • Review your governance framework and update your policies. Incorporate use of AR as part of the business into organisational policies and procedures—including BYOD (bring your own device) and privacy policies.
  • Build security into every part of the process. Security is a crucial component of AR initiatives that helps ensure confidence in the data.

“Enterprises need to work on being agile and applying sound measures around governance, security and risk management to fully realise the benefits of these technology advances. Proactive monitoring for malicious activity like virtual graffiti and data breaches is critical for businesses to gain the full value of new technologies while mitigating risk,” said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT.

To view global survey results, including related graphics and expert insights, visit

About the IT Risk/Reward Barometer

The annual IT Risk/Reward Barometer is a global indicator of trust in information. Conducted by ISACA, a global association of more than 140,000 IT security, assurance, risk and governance professionals, the Barometer polls thousands of business and IT professionals and consumers worldwide to uncover attitudes and behaviors about essential technologies and information, and the trade-offs people make to balance risk and reward. The study is based on online polling of 6,591 ISACA members among 140 countries from 19-29 September 2016. Additional online surveys were fielded by M/A/R/C Research among 1,230 consumers in the US, 1,000 consumers in the UK, 1,000 consumers in Australia, 1,001 consumers in India and 1,000 consumers in Singapore. The US survey ran 6-8 August 2016, and the UK, Australia, India and Singapore surveys ran 12-23 August 2016. At a 95 percent confidence level, the margin of error for each individual country sample is +/- 3.1 percent.


ISACA ( helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organisations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organisations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organisations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.

LinkedIn: ISACA (Official),

* “Virtual & Augmented Reality: Understanding the Race for the Next Computing Platform,” Jan. 13, 2016, Goldman Sachs.


Kristen Kessinger, +1.847.660.5512,
Karl O’Doherty, Ketchum, +44.20.3755.6492,