Given the breadth and depth of security breaches spanning the globe this year - all of which have had a long-lasting negative impact on organizations and consumers alike - IT security and IT operations professionals have an increasingly critical task at hand, to protect sensitive data wherever it lives in an organization
Scottsdale, Ariz. (PRWEB) December 9, 2008
Cybercrime and outsourcing were named top security concerns according to a new study commissioned by Lumension Security and conducted independently by The Ponemon Institute. The survey found that 50 percent of IT operations professionals viewed outsourcing as an imminent and near-time critical risk, while more than 75 percent of IT security professionals noted cybercrime a major issue -despite concerted efforts to thwart hackers in recent years. In tandem, survey results highlighted an increase in shared thinking between traditionally disparate IT functions within the organization - IT operations and IT security.
"With the emergence of consumer technology in the workplace, coupled with social networking and Web 2.0 technologies and the increased sophistication of cyber criminals, truly securing an organization's IT environment is an uphill battle," said Larry Ponemon, chairman and founder, Ponemon Institute. "In the next year or two, these challenges will increase in both the breadth and depth of threats - the companies we surveyed made this very clear. The key for both IT operations and IT security is to find the common ground necessary to better-wage this security battle together."
The 2008 Security Mega Trends Survey was developed to better understand if certain publicized IT risks to personal and confidential data are truly a concern for organizations in the next two years. Based on interviews with IT experts in operations and information security, the following eight mega trends rose to the top: cloud computing; virtualization; mobility and mobile devices; cybercrime; outsourcing to third parties; data breaches and the risk of identity theft; peer-to-peer (P2P) file sharing and Web 2.0.
Key Findings from the 2008 Security Mega Trends Survey include:
- Outsourced IT is a Major Concern: As companies look to reduce costs based on economic factors in 2009, outsourcing will continue to be an attractive option for efficiency gains. The security risks associated with outsourcing are tremendous according to survey data. The top risks posed by outsourcing according to IT security (50%) and IT operations (59%) respondents is the exposure of sensitive information to third parties and the threat that that data will be improperly protected in transit.
- Data Breaches and Cybercrime are on the Rise: Survey results indicated that the biggest concern relative to data loss is the threat of data making it into the hands of cyber thieves (46% for IT security and 24% for IT operations), thus wreaking continued havoc not just on the customers whose data was stolen but also on the organizations responsible for that lost data. IT survey participants reported that 92 percent of the organizations have experienced a cyber attack The injury to corporate brands as a result of a major data loss incident is critical, especially in an economic downturn
- Workforce Mobility Contributes to Data Loss: IT security and IT operations' respondents (96% and 91% respectively) agree that employee mobility introduces a significant threat to securing corporate data as it diminishes IT's ability to properly identify and authenticate remote users on the network.
- Emerging technologies - Web 2.0, P2P, virtualization and cloud computing - are growing in prevalence with Cloud computing causing the most concern: The influx of new technologies - both business and consumer technologies - has opened additional avenues for cyber thieves to steal trade secrets and confidential business information. Cloud computing came out on top with 61 percent of respondents ranking it as a major security concern among the emerging technology trends. Virtualization was perceived as the least concerning at this time, though survey respondents cited all of these types of technologies as key concerns in the next year, where the increased risk to expose sensitive data ranked highest among both respondent groups.
"Given the breadth and depth of security breaches spanning the globe this year - all of which have had a long-lasting negative impact on organizations and consumers alike - IT security and IT operations professionals have an increasingly critical task at hand, to protect sensitive data wherever it lives in an organization," said Pat Clawson, CEO & Chairman, Lumension Security. "What became clear, in conducting this research, is that while these threats will only increase over time, the gap between these distinct groups is starting to close. This is a great step forward in waging the data security battle - the less siloed and more collaborative IT security and operations groups operate, the more successful they will be in protecting their company's most valued asset: sensitive corporate data and trade secrets."
For additional insight into the mega trends outlined in this year's survey, please download the full results of the 2008 Mega Trends Survey.
About The Ponemon Institute:
The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.
About Lumension Security™, Inc.:
Lumension Security™, formed by the combination of PatchLink® Corporation and SecureWave® S.A., is a recognized, global security management company, providing unified protection and control of enterprise endpoints for more than 5,100 customers and 14 million nodes worldwide. Leveraging its proven Positive Security Model, Lumension Security enables organizations to effectively manage risk at the endpoint by delivering best-of-breed, policy-based solutions that simplify the entire security management lifecycle. This includes automated asset discovery, vulnerability assessment, remediation and validation; security configuration management; application control and device control; extensive policy compliance reporting; and integration with leading network access control solutions. Headquartered in Scottsdale, Arizona, Lumension has offices worldwide. PatchLink, now Lumension, was founded in 1991.
Lumension Security, the Lumension logo, PatchLink® and Sanctuary® are trademarks or registered trademarks of Lumension Security. All other trademarks are the property of their respective owners.