Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, June 12, 2008

When it comes to data security breaches, the general public doesn’t need to know

When it comes to data security breaches, 78 percent of US IT decision-makers feel that companies do not need to inform the general public; this according to a recent survey by content security specialists Clearswift.  Of the U.S. organizations polled, 19 percent had suffered a data loss in the last 12-18 months, and of those, 50 percent had experienced more than one.

E-mail is the most popular method of transferring confidential data (over 70% allow staff to transfer confidential data via e-mail), and yet over a quarter of businesses (26%) admit to losing data via e-mail.

While the threat of data loss or breach continues to increase, there are still organizations that have not invested in data security.

Respondents indicated the following as the top three reasons why: 21 percent feel that data loss prevention is not a security threat, 37 percent do not have the budget to invest in data loss prevention solutions, and 16 percent trust their employees to follow the corporate policy.

When asked about the possible impact of data breach notification legislation, 49 percent of respondents that do not currently adhere to data breach notification legislation envision their annual IT spend increasing by at least 10 percent.  In comparison, only one in five (20%) respondents who currently adhere to data breach notification legislation said they have seen no change in their IT spending since the legislation’s introduction.

Posted on 06/12