Blog|Login|中文Deutsche日本語
October 28, 2008
 We Don't Need Gimmicks
Pin It
The Wall Street Journal reports that some security software companies are turning to gimmicks to try to raise awareness around the problem of data breaches. The article states:

"Breaches are up despite the fact that the percentage of businesses that encrypt laptop computers, databases, and back-up tapes--all places where sensitive data are kept--increased about 10 percentage points over the last year, according to a survey of corporate security executives by PricewaterhouseCoopers"

It goes on to add:

"The survey numbers underscore how technology can get a business only so far. Real security is a result of people understanding the nature of the threat and acting responsibly. Unfortunately, most people seem to be tuning out security news."

In my opinion, the major issue is not the lack of awareness, but the fact that the majority of existing market solutions can not prevent data breaches and are not able to protect against web application attacks or data theft from a database. There is a reason that the PCI council mandates firewalls and Anti Viruses and Web Application Firewalls and Data access control and activity monitoring and strong encryption....

Morgan Stanley's report explains the transition in the security market that is leading to an increased focus on the data:

Security is finally starting to get it - the reluctance to target data-centric solutions has been shaken with obvious needs highlighted by unrelenting data loss. But as has been the case throughout the industry's history, private companies are leading the charge and public companies are rapidly (if not rabidly) consuming these more appealing solutions. 

The diagram below illustrates the shift within the security market. Some solutions are becoming widely deployed; however, the risk landscape is changing. The focus is on the application data, not the worm, virus or a script kiddie's attack.




morgan Stanley on data security.pngSome security vendors still don't have the the necessary solutions. In the spirit of the upcoming election, the people do not need gimmicks, they need solutions.

image source: http://www.infosec-technologies.com/PDFs/State%20Of%20Security%20031507.pdf


Comments

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

« PCI Scanning After "Any Change" Makes A LOT of Sense | Main | Lunching (and other things) in The City »

Find Us Online
RSS Feed - Subscribe Twitter Facebook iTunes LinkedIn YouTube
Authors
Monthly Archives
Email Subscription
Sign up here to receive our blog: