“Our Take” on “Data theft replaces malware as top security concern”
 |
|---|
This is interesting – only 38 out of 100 interviewed Enterprise IT Security Chiefs consider theft of information their number one concern. Hang on – what are the other 62 concerned with? I always thought the point of information security was to protect data from unauthorized disclosure (i.e. Theft)? Maybe I’m missing something here but an infosec pro who considers the (non data theft) risk of virus attack more significant and more risky is missing the big picture. Maybe this is just the result of an oversimplification of the Cisco report, but you have to wonder.
Perhaps those who were not primarily concerned with data theft actually have implemented some solutions to prevent it? If this is indeed so, they are the lucky ones, as other analysts report that only 2% of corporate-owned computer equipment has any security system deployed. More damming is the closing paragraphs which again highlight that though the IT Security Chiefs know they need to implement security, be it because of the threat of regulation, law suits, embarrassment, loss of data to competitors, or maybe even simply good practice, only 50 out of 100 responded that their board considered security a top level mandate.
This probably explains why it takes the average mid-size enterprise over nine months to actually start a pilot after deciding to “do some security.” What’s the solution? It’s simple. Boards need to consider security of data to be a benefit to the organization, not a cost. Once that’s recognized, maybe we’ll see a lot more people actually doing something about the issues.
Media Contact for SafeBoot International:
| Non-EMEA / APAC | EMEA/APAC |
| Eric Sommerton | Tom de Jongh |
| eric.sommerton@safeboot.com | tom.dejongh@safeboot.com |
| +1.239.430.0386 | +31(0)30 634 88 00 |
