2011 Set to be Worst Ever Year for Security Breaches
2011 Set to be Worst Ever Year for Security Breaches
IT Leaders Say Too Much Info Can Be a Dangerous Thing
IT Leaders Say Too Much Info Can Be a Dangerous Thing
Brits More Likely to Profit from Stolen Data
Brits More Likely to Profit from Stolen Data
Article:

Businesses in Denial When it Comes to IT Security Breaches

Chad Brooks, ITTechNewsDaily Contributor
Date: 08 September 2011 Time: 12:17 AM ET
Follow Us
Share
CREDIT: Dreamstime.com

The majority of businesses appear to be all talk and little action when it comes to combating security breaches, according to a new survey.

Findings from a Tenable Network Security study show thatmore than 90 percent of IT security professionals surveyed discussed large-scale, high-profile breaches such as those at RSA, Citigroup and Sony with senior management — but only 23 percent did anything beyond that.

"It would be impossible and impractical to make changes, updates or company-wide announcements for every data breach reported,” Ron Gula, CEO and chief technology officer at Tenable Network Security, said in a prepared release. “But with record-breaking exposures like what we’ve seen this year, there’s an opportunity for us to learn and to educate employees about the implications of a security breach and reinforce existing policies and information security practices."

It’s not just outside security breaches that businesses are potentially facing. Nearly half of those surveyed reported experiencing some form of an internal threat while at their current company, and they’re not alone.

According to a recent Verizon Business Data Breach Investigations Reports, insider threats are one of the leading sources of data leakage and theft for businesses. Findings indicate that nearly one in three breaches over the past two years came as a result of an insider attack, and, in 2010, 93 percent of insider breaches were considered deliberate or malicious attacks.

Yet despite the large number of internal issues, those surveyed ranked preventing insider threats as the second-lowest information security priority for the next six to eight months, with mobile device security being the top priority.

IT security professionals themselves also are to blame for the security breaches, according to the study. One in three security professionals admitted they had violated internal security policies they created in order to complete a work-related task more quickly or easily.

“The productivity versus security battle continues to create problems for enterprises,” Gula said. “Employees, including privileged security professionals, are going to do whatever it takes to get the job done, regardless of policies or security risks.”
 

The survey of IT security professionals from several industries – including financial services, government, retail and health care – was conducted at the 2011 Gartner Security and Risk Management Summit.

Share
Company Pages
TechMediaNetwork Brands
Join Our Mailing List
Follow Us On
RSS Facebook Twitter
IT TechNewsDaily Copyright © 2012 TechMediaNetwork.com All rights reserved.