cioinsight.com
Home > RSS Feeds > Security
  • Considering the attention the NSA surveillance scandal has received, it's not surprising that many companies are reluctant to store sensitive data in the cloud.

  • These days, it's nearly impossible to open a newspaper or peruse a business or technology Website without reading about a serious security breach at a company, university or government agency. According to a new survey report from Turnkey Consulting, "A Risk Perspective on 2014" (see slides below), fraud and data loss are growing more prevalent. Unfortunately, a significant number of IT executives aren't responding to these threats with a focused and cohesive strategy. What's more, in many cases, there's a lack of automation and integration across infrastructure and databases. According to Turnkey, organizations must re-examine the way they view and approach digital security. They must revamp business processes and technology in order to minimize the risk of a serious breach, along with the fines, financial loss and reputational damage that comes with it. "Despite the increase in risk, the role of IT security in reducing it does not appear to be well-understood," says Richard Hunt, managing director of Turnkey Consulting. "Making IT security a priority on a day-to-day basis should be regarded as good business practice. … This enables organizations to move away from the traditional method of operating several disparate systems to manage risk … and instead adopt an end-to-end approach."

  • I'm about as techy as you can get, but I'm about ready to unplug everything and disconnect from the grid, thanks to the recent news about the Heartbleed bug.

  • What's the best way to ensure security and governance in a world where the impact of big data is not yet fully understood? Begin by asking the right questions.

  • Many organizations suffer from network outages that are caused when IT staffers misconfigure changes during events such as preventative maintenance windows, according to a recent survey from Avaya, which was conducted by Dynamic Markets Limited. These outages translate into major business expenses, and the fallout is significant. In fact, many technology professionals who are considered at fault end up losing their jobs. Other negative consequences include delays for other IT projects, an overall productivity drain and supply chain disruptions. "Networking today requires more flexibility and agility than ever before, as IT staff face unique challenges and pressures to be proactive in troubleshooting," says Marc Randall, senior vice president of networking and general manager for Avaya. "But we feel there is an opportunity to be error-free from the get-go. IT departments need a network that dramatically simplifies maintenance and reduces errors, so companies can save revenue and employees can save their jobs." A total of 210 IT professionals in the United States, Canada and the United Kingdom took part in the research.

  • "Risk master" companies focus on strategic and emerging risk. They don't just respond to and recover from these events—they gain competitive advantage from them.

  • U.S. financial services companies lost an average of $23.6 million from cyber-security breaches in 2013—the highest average loss across 26 industries.

  • An organization's response in the first hours after a security incident can determine whether a cyber-attacker is caught—or even detected. In other words: You snooze, you lose. That makes the findings of the latest study from the Ponemon Institute, "Threat Intelligence & Incident Response," that much more disheartening. Ponemon, which conducted the research independently for security software provider AccessData, surveyed more than 1,000 IT and information security pros in the United States, Europe, the Middle East and Africa. The upshot of the research? Organizations are finding that their incident response technologies, threat intelligence and security staff's skill sets are all deficient in ways that undermine efforts to respond to cyber-attacks. "Building and managing a company's cyber-defense is very hard to get right because of insufficient funding, personnel shortages, organizational silos and complexity of enabling technologies," says Larry Ponemon, founder of the Ponemon Institute. "The attacker is getting smarter, is better funded and is operating in greater stealth." Following are 10 highlights culled from the report.