funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Six Years Later CIOs Still Clue-less

From: Gary Warner <gar () askgar com>
Date: Wed, 27 Jun 2007 18:19:10 -0500
In 2000, Robert Half (RHI) did a survey of 1,400 Chief Information
Officers, and asked them the question:

"Are you confident that your firm's corporate networks are safe from
internal and external security breaches?"

91% said they were confident their companies' networks were secure.

Their answer was mocked by many security professional's in this Dan
Verton ComputerWorld article of January 8, 2001.

http://www.computerworld.com/managementtopics/management/story/0,10801,55981,00.html

Who would have believed that such an answer could still be given today,
after all the advances in Information Security Awareness?

Imagine my surprise when I was going through my newspaper clippings this
evening.  Wednesday, June 27, 2007.  USA Today.  Page B-1, the front
page of the MONEY section.  Bottom left corner.

---------------

A pie chart on a computer that's been pierced with a padlock.

Title:  CIOs confident about security

Are you confident that your firm's corporate networks are safe from
internal and external security breaches?

Confident:      96%
Not confident:   4%

Source: Robert Half Technology survey of 1,400 chief information
officers of companies with 100 or more employees.

-----------------

A few possible explanations to this:


(1) The USA Today does not specify on what planet the survey was conducted.

(2) The CEOs was in the room when the CIOs were asked the question.

(3) It was such a slow news day at USA Today that they decided to rehash
 a six year old survey, presenting the facts in the most mis-leading way
possible.  The actual survey results for this question, as revealed in
the PRNewswire story of December 29, 2000, were that 36% were "very
confident" and 55% were "somewhat confident" that there networks were
secure.  That would make the pie chart look more like (64% express some
doubt) (36% express little doubt) to me!  The original PR piece also
quoted RHI Exec Katherine Spencer Lee as using the evidence to warn
folks that even if they "believe they aren't likely targets for hackers,
they should be prepared".

If there was a survey since the one in December 2000, I couldn't Google
it up, but would love to see it if anyone has a copy.


_-_
gar
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: