Simply Security - News, Views, and Opinions from Trend Micro

Posted on March 28th, 2012 in Current News, Vulnerabilities & Exploits by Simply Security | Be the first to comment | Tags: Current News

There are three questions all companies should ask regarding data security.

Cybersecurity has become top priority for companies around the world as high-profile data breaches continue to make headlines and cybercriminals and so-called “hacktivists” are constantly improving the sophistication of their attacks. Keeping pace in the volatile and fluid threat landscape takes a keen focus on protecting data from myriad threats.

“These attacks are increasing in number, even as companies increase investments in security technologies, improve their capabilities and tighten policies. Why? In part, the continued migration of business value online has attracted more capable malevolent actors,” data security experts James Kaplan and Allen Weinberg recently wrote for the Harvard Business Review.

To aid their efforts in thwarting outside attacks and securing customer and other sensitive information, companies should be asking themselves three specific questions. And with the right answers, Kaplan and Weinberg wrote, they will be able to craft Internet security protocols accordingly.

How do we strike a balance between security and experience?

While it’s true that organizations should protect confidential information by any means possible, they still must think about the implications their measures will have on customers. Moving forward, Kaplan and Weinberg wrote, companies will make different levels of protection options available, at least to customers. For example, a customer will be allowed to “make trade offs between security and convenience.”

How do we protect data without stifling collaboration?

This is similar to the previous question, only it addresses the experience of the company’s employees. Essentially, the experts said, data security programs can’t be so strict to the point that protection requirements and practices hinder professionals from getting their work done. Furthermore, employees frustrated by security that is too strict may look for ways to circumvent policies and responsibilities.

What can be done about partners?

Even when outsourcing data to third parties, the need to protect the information still lies with the original company that produced or collected it. There are a number of options available to uphold this need, the experts said. One, for example, is to segment out sensitive data.

Answering these questions and addressing challenges is more important than ever, considering that experts at the recent RSA conference noted that cybersecurity is at a crossroads, according to Government Security News. Specifically, the report noted, senior government officials believe that more needs to be done to protect data and networks, as attacks persist and the public continues to be victimized.

Security News from Trend Micro