Is Security a Myth?

Recent surveys and reports about information security—or the lack of it—are discouraging, to put it mildly. Consider the following statistics:

• In 2008, there were 656 breaches of personal data, up 47 percent from 2007, according to a report from the Centre for Information Policy Leadership at Hunton & Williams.

• A recent study by the Ponemon Institute found that more than 88 percent of 2008 data breaches resulted from negligence. (See “The Cost of Data Breaches,” .)

• “The security measures that most financial institutions and other service providers have in place are proving inadequate in the face of the new cyber-crime attacks against customer accounts,” stated a Gartner release.

• More than three out of 10 respondents to a survey by PriceWaterhouseCoopers couldn’t answer basic questions about risks to their company’s information.

• The number of new malicious Web sites in the fourth quarter of 2008 surpassed by 50 percent the total number of these sites in 2007, said the 2008 IBM X-Force Annual Trend and Risk Report.

• About 7.5 percent of U.S. adults lost money in 2008 because of financial fraud, largely because of data breaches, said a recent Gartner survey.

• According to a report from Credant Technologies, 99 percent of the people polled use their phones to do some business, and 80 percent store information on their phones that could be used to steal their identity.

• A recent survey conducted by SHARE reported that 18 percent of the IT managers polled said security is one of the greatest challenges to virtualization.

• In an IntraLink survey, 48 percent of the finance executives polled said their company’s current methods of exchanging documents with external parties “may not be secure enough.”

This sample of security reports is sobering. And there are many other surveys out there that reveal a shocking lack of security despite the huge sums of money spent to safeguard information. For years, dollars, technology, people and processes have been thrown at this problem, but, rather than abating, the challenge seems to increase each year.