Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Sunday, December 07, 2008

Report: IT, Security Departments Not Seeing Eye To Eye On Threats To The Business

A new report underscores a major disconnect between IT and security groups when it comes to what most threatens their organizations.  The Ponemon Institute’s 2008 Security Mega Trends Survey, which was commissioned by Lumension, reveals just how far apart IT departments and security groups are when it comes to what they perceive as the biggest threats to their data today and in the next 12 to 24 months.  While outsourcing risks are at the top of IT managers’ worries, data breaches and cybercrime are the biggest worries for security.

More specifically, half of the IT managers said that outsourcing was a high or very high security risk to their organizations today and in the next one to two years; 44 percent also pointed to data breaches as a comparable risk today, while 40 percent expect them to be so in the next one to two years.

Security professionals, meanwhile, ranked data breaches and cybercrime higher: Sixty-six percent consider data breaches high or very high risks today, while 65 percent rank them as such for the next year to two years.

“We see a big disconnect between IT and security in their thoughts about data breaches and how risky that is to a business,” says Pat Clawson, CEO of Lumension.

While 92 percent of security professionals say their organizations had suffered a cyberattack, only 55 percent of IT staffers said the same, while 32 percent said they were uncertain.  Interestingly, both IT and security departments don’t rate virtualization as high risk.;jsessionid=W4TNO0P1S4NS2QSNDLRSKH0CJUNN2JVN?articleID=212300005

Posted on 12/07