Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 28th, 2012 in Current News by Simply Security | Be the first to comment | Tags: Current News

The people in charge of an organization do not necessarily understand the intricacy or importance of data security.

The people in charge of an organization do not necessarily understand the intricacy or importance of data security. They know that files are constantly created and must be maintained, but apart from the amount of money devoted to the practice, few know exactly how essential a secure mainframe can be.

The volume and severity of corporate data theft and hacks is continuing to increase, and in response, more organizations are noticing the need for better data security at higher levels. Now it seems the impact of loss has finally clicked with CEOs and other leaders, hopefully spurring more disaster recovery and security protocols into place.

Awareness on the rise

For the longest time there seems to have been a feeling among business leaders that their organizations were impervious to attacks, both internal and external, and that data was safe wherever it was. They didn't know where those files were, who was caring for them or how the systems managing them worked, but they knew that a nebulous someone in someplace was in charge of the situation, certainly.

A study by Corporate Board Member (CBM) and FTI Consulting found that this sentiment is changing finally, with more organizations' leadership aware of the dangers entangled with data protection. Failure to properly safeguard business files could make them an easy target, and once key information is compromised, failure is imminent for many companies. The Insurance Information Institute reported that almost half will have to close their doors following a disaster, according to PC Magazine, a number that has scared many CEOs into action.

The call to arms

Once businesses know the kinds of threats they face, they can better prepare themselves to meet these dangers and block them effectively. Many reports and studies have shown the means and rate at which hackers execute attacks, but little action has been taken on the executive to date.

"I hate to say this, but I think it is going to take several well-publicized security breaches before a majority of corporate boards finally embrace the fact that doing business today without a prudent crisis plan in place is a formula for disaster," TK Kerstetter of CBM told FTI Consulting. "While a number of companies are taking steps to become more educated on IT risks, the fact is that not enough are taking the appropriate actions to fully prepare their organization."

The 12th Annual Law and Boardroom Study revealed that more than half of all CEOs are in fact aware of the danger, naming it their main concern in business security. Data security was also a key issue for about half of all directors and general councilors. That represents a 25 percent increase from results of the same study four years ago, a fact that hopefully means data protection will grow an equal amount in the future.

However, it appears not all organizations are doing anything with this information apart from saying they're concerned. PC Magazine reported another study of IT personnel showing one-fourth have no business continuity plans at all and their companies aren't doing any planning to prevent thefts and outages. At the same time, about half are looking into building or implementing a plan, with only 26 percent currently operating some form of data protection program.

Respondents of the CBM survey said resoundingly that planning for the future was a main initiative they wanted to focus on. Hopefully this majority will incorporate data security methods into their plans and evolve IT strategies to reflect modern dangers to business continuity.