Latest news
Big Data grows as data security shrinks
Posted on 24 September 2012.
A report published by PricewaterhouseCoopers (PwC) has revealed that despite the growing issue of "Big Data," most organisations are actually keeping looser tabs on data today than in previous years.
Less than 35 percent of respondents said they have an accurate inventory of employee and customer personal data, and only 31 percent reported they had an accurate accounting of locations and jurisdictions of stored data.
The report also stated that 88 percent of consumers use a personal mobile device for both personal and work purposes, yet only 45 percent of companies have a security strategy to address personal devices in the workplace.
Ross Brewer, vice president and managing director of international markets at LogRhythm, made the following comments:
It amazes me that so many organisations still overlook the importance of something as simple as keeping tabs on their data.
Unfortunately, when it comes to Big Data, many organisations also neglect the fact that rather than being a hindrance, Big Data analytics can actually offer invaluable intelligence which will help them greatly improve their IT security.
Furthermore, organisations dealing with the growing BYOD phenomenon or other causes of data increases can get so distracted by security tools – or lack thereof – that they underestimate the value of the information already held within their internal IT systems. As a result, this data is all too often ignored, processed in an inefficient manner or used solely for reactive, forensic purposes.
Organisations must realise that the only way to ensure that cyber threats or other network issues can be effectively identified is to have a 360 degree visibility into every piece of data being generated by IT systems.
And in today’s climate of growing, disparate IT estates, the need for a proactive, continuous and granular view of all activity has never been more important. This helps organisations identify, isolate and remediate any issues as soon as they occur – making it essential to have centralised systems in place that can collect and analyse and most importantly of all, add context to all IT data as and when it is generated. So, rather than shy away from the task of Big Data analytics, organisations should first understand the security benefits that this intelligence can provide and then acknowledge that automation is the only way to effectively navigate the data labyrinth and truly secure their IT networks.
The report also revealed that despite an increase in the number of respondents reporting 50 or more security incidents, fewer than half (45 percent) expect an increase in their budgets in the next 12 months.
The PWC report also highlights another inherent issue in the motivations driving the decisions behind IT security strategy – the fact that budgets do not increase even though security incidents do. LogRhythm’s own research shows that 52 percent of UK businesses have not seen the proportion of IT budget spend on security increase in the last five years, and 77 percent stated that the implementation of data breach penalties, such as the EC’s proposed two percent of an organisation’s global turnover, would motivate them to increase the spending on IT security. This compliance-driven attitude towards IT security must stop if organisations want to ensure they protect the data that they are entrusted with.
Less than 35 percent of respondents said they have an accurate inventory of employee and customer personal data, and only 31 percent reported they had an accurate accounting of locations and jurisdictions of stored data.
The report also stated that 88 percent of consumers use a personal mobile device for both personal and work purposes, yet only 45 percent of companies have a security strategy to address personal devices in the workplace.
Ross Brewer, vice president and managing director of international markets at LogRhythm, made the following comments:It amazes me that so many organisations still overlook the importance of something as simple as keeping tabs on their data.
Unfortunately, when it comes to Big Data, many organisations also neglect the fact that rather than being a hindrance, Big Data analytics can actually offer invaluable intelligence which will help them greatly improve their IT security.
Furthermore, organisations dealing with the growing BYOD phenomenon or other causes of data increases can get so distracted by security tools – or lack thereof – that they underestimate the value of the information already held within their internal IT systems. As a result, this data is all too often ignored, processed in an inefficient manner or used solely for reactive, forensic purposes.
Organisations must realise that the only way to ensure that cyber threats or other network issues can be effectively identified is to have a 360 degree visibility into every piece of data being generated by IT systems.
And in today’s climate of growing, disparate IT estates, the need for a proactive, continuous and granular view of all activity has never been more important. This helps organisations identify, isolate and remediate any issues as soon as they occur – making it essential to have centralised systems in place that can collect and analyse and most importantly of all, add context to all IT data as and when it is generated. So, rather than shy away from the task of Big Data analytics, organisations should first understand the security benefits that this intelligence can provide and then acknowledge that automation is the only way to effectively navigate the data labyrinth and truly secure their IT networks.
The report also revealed that despite an increase in the number of respondents reporting 50 or more security incidents, fewer than half (45 percent) expect an increase in their budgets in the next 12 months.
The PWC report also highlights another inherent issue in the motivations driving the decisions behind IT security strategy – the fact that budgets do not increase even though security incidents do. LogRhythm’s own research shows that 52 percent of UK businesses have not seen the proportion of IT budget spend on security increase in the last five years, and 77 percent stated that the implementation of data breach penalties, such as the EC’s proposed two percent of an organisation’s global turnover, would motivate them to increase the spending on IT security. This compliance-driven attitude towards IT security must stop if organisations want to ensure they protect the data that they are entrusted with.
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
