BreachExchange mailing list archives
Data Theft a Major Concern for Organizations
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 1 May 2014 19:47:10 -0600
http://www.eweek.com/security/data-theft-a-major-concern-for-organizations.html Companies lack the tools and intelligence to protect critical information, and there exists a critical deficit of security solution effectiveness, a disconnect in company executives’ perceived value of data and limited visibility into attack activity, according to the results of a global cyber-security report, conducted by the Ponemon Institute and sponsored by Websense. The findings, based on the responses of IT security practitioners with an average of 10 years’ experience in the field from 15 countries, including Brazil, China, Germany, India, the United Kingdom and the United States, revealed a global consensus that security professionals need access to heightened threat intelligence and defenses. According to respondents, there is a gap between data breach perception and reality–specifically regarding the potential revenue loss to their business. Eighty percent of respondents say their company’s leaders do not equate losing confidential data with a potential loss of revenue. Fifty-seven percent of respondents do not think their organization is protected from advanced cyber-attacks, and 63 percent doubt they can stop the ex-filtration of confidential information. In addition, the majority of respondents (69 percent) said they believe cyber-security threats sometimes fall through the cracks of their companies’ existing security systems. "While there are significant differences among countries for specific questions (such as availability of cyber-attack intelligence), the overall analysis indicates that a majority of security professionals do not feel adequately armed to defend their organizations from threats," Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. "This challenge is further compounded by a perception that company leaders do not believe that data breaches will lead to loss of revenue. Our research has shown this is simply untrue." Less than half of the respondents (41 percent) said they believe they have a good understanding about the threat landscape facing their company, and just 37 percent of respondents could say with certainty that their organization lost sensitive or confidential information as a result of a cyber-attack. In addition, more than one-third (35 percent) of those who had lost sensitive or confidential information did not know exactly what data had been stolen. "This global security report shows that the cyber-security industry still has more work to do when it comes to addressing cyber-attacks," John McCormack, Websense CEO, said in a statement. "Security professionals need effective security measures and heightened security intelligence to keep organizations safe from advanced attacks and data loss." Nearly half (48 percent) of respondents said their board-level executives have a sub-par understanding of security issues. However, the report noted cyber-security awareness has actually most likely increased from that of a few years ago. About six in 10 (59 percent) companies do not have adequate intelligence or are unsure about attempted attacks and their impact. Further, 51 percent say their security solutions do not inform them about the root causes of an attack, or they are unsure.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Data Theft a Major Concern for Organizations Audrey McNeil (May 08)