Have we forgotten all about data breaches?
A year later what has changed? Gary Clarke VP EMEA, SafeNet comments on the current state of data protection: "How fast time flies. A year ago Sony was battling with the fall out of the data breach on its entertainment online services. They and organisations as diverse as Epsilon, Steam and even Nasdaq entered the spotlight on a debate about how large organisations offering or relying on digital services needed to totally overhaul their approach to protecting the data entrusted in them by their customers, partners and end users generally. A year later and how much has changed? One school of thought would be that the scale and frequency of these breaches would be a catalyst for change and lead more organisations to take data protection seriously. Is that really happening?
But so far the evidence is that data breaches resulting in the loss of unsecured information continue to be a problem with competing claims on the volume of reported and unreported incidents.
While it is important to recognise how many of these breaches stem from human error as much as actual hacks, all of them present real risks to any affected organisation and range from reputational damage to fines and financial losses. Breaches are going to happen, but the impact of that breach is significantly lessened if the confidential information that is exposed - whether IP, credit card data, customer data etc - is encrypted and the customer has kept control of the master keys.
Regardless of the good sense of this approach it does seem that organisations aren't going far enough in their data protection strategies. For example we did some polling on our own and found that the majority of IT manager respondents are not utilizing encryption technology beyond IT systems' endpoints to encrypt the actual data and information held inside the perimeter walls. This suggests that many IT managers may not fully appreciate the importance of protecting core data itself with encryption protocols. Despite the increase of data breaches in 201 I the UK businesses participating in the survey said they only plan to encrypt end points rather than extend encryption to the core systems. 68% of breaches and 97% of data records stolen.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||Security News and Products|
|Publication:||Database and Network Journal|
|Date:||Jun 1, 2012|
|Previous Article:||Cloud security comment.|
|Next Article:||IPv6: a primer: an introduction to IPv6.|