By Kelly Jackson Higgins
Dec 07, 2008
A new report underscores a major disconnect between IT and security
groups when it comes to what most threatens their organizations.
The Ponemon Institute's 2008 Security Mega Trends Survey, which was
commissioned by Lumension, reveals just how far apart IT departments and
security groups are when it comes to what they perceive as the biggest
threats to their data today and in the next 12 to 24 months. While
outsourcing risks are at the top of IT managers' worries, data breaches
and cybercrime are the biggest worries for security.
More specifically, half of the IT managers said that outsourcing was a
high or very high security risk to their organizations today and in the
next one to two years; 44 percent also pointed to data breaches as a
comparable risk today, while 40 percent expect them to be so in the next
one to two years. Security professionals, meanwhile, ranked data
breaches and cybercrime higher: Sixty-six percent consider data breaches
high or very high risks today, while 65 percent rank them as such for
the next year to two years. In addition, 65 percent say cybercrime is a
high or very high risk to their organizations today, while 77 percent
say it will be in the next 12 to 24 months. That's in contrast to the IT
side, where 47 percent consider it a high risk today, and 49 percent
expect that it will be in the next year to two years.
"We see a big disconnect between IT and security in their thoughts about
data breaches and how risky that is to a business," says Pat Clawson,
CEO of Lumension.
But the most disturbing disconnect was in actual breaches. While 92
percent of security professionals say their organizations had suffered a
cyberattack, only 55 percent of IT staffers said the same, while 32
percent said they were uncertain. "That just floored me," Clawson says.
"That shows the silos" that still exist, he says.
Help InfoSecNews.org with a donation!