Topics:
Digital Life
Surprise! You're Not To Blame For Security Breaches
For years, security software vendors have drummed up sales of anti-virus and remote device management software by peddling tales of CIOs gluing USB ports so that end-users (you and me, their own employees) wouldn't inadvertently introduce malware that would infect the company's systems and start calling home with its vital data or, worse, so we wouldn't walk away with valuable information on a flash drive we would then foolishly leave at the counter of the local Dunkin' Donuts, or sell on Craigslist (psst, want a peek at our client list?). But while companies have been spending hundreds of millions of dollars on software designed to wipe the contents of lost BlackBerrys and refuse permission to copy files, it turns out that the worst exacerbators of this very real problem are IT managers who have failed to secure their own front doors. For instance, a mind-blowing 81% of companies don't comply with PCI standards to which they're subject, according to a study by Verizon. The 2009 Verizon Business Data Breach Investigations Report made it a point to exculpate end-users who have been previously maligned as the source of most breaches: Most data breaches investigated were caused by external sources. Seventy-four percent of breaches resulted from external sources, while 32 percent were linked to business partners. Only 20 percent were caused by insiders, a finding that may be contrary to certain widely held beliefs.In fact, just about everything cited in the report points to negligent practices by IT departments rather than end users. The study also shows that, sadly, the incidence of cybercrime is exploding, which is likely to result tighter security measures. Tighter security measures has traditionally translated to longer lists of "don't do's" for end users, dragging down productivity and even innovation--like some stupid end-user fiddling around with an application and finding an unintended use for it that triples productivity. Maybe the real value of this report is not that it reveals just how bad things are, but who isn't to blame. « RIM CEO Defends The Storm During Interview, Hints At Future Touch Devices | Main | Additional Funding Vital In VC Deals » |
| Sign Up Now For InformationWeek News Alerts |
This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
| |||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||
| |
|||||||||||||||||||||||||||||||||||||||||
|
|
|
|
||||||||||||
|
||||||||||||||
|
|
|
|
||||||||||||
| | | ||||||||||||
|
|
|
|
||||||||||||
|
||||||||||||||
|
|
|
|
||||||||||||
| | | ||||||||||||
| | | ||||||||||||
|
Ars Technica
Boing Boing Channel 9 Forums CRN Blogs Dr.Dobb's Portal: Blogs Engadget Gizmodo GrokLaw |
Lifehacker
Schneier on Security Slashdot TechCrunch Techdirt Techmeme Valleywag |
