MBA (7/17/2008 ) Palaparty, Vijay
An increasing number of organizations report losing confidential data in a survey from CA Inc., Islandia, N.Y. Such losses further decrease the already waning percentage of American consumers who feel confident in organizations' abilities to protect personal information.
Seventy-nine percent of consumers attributed reasons for loss of trust and confidence, damage to reputation and reduced customer satisfaction in organizations to major security and privacy breaches.
Overall, consumer satisfaction with organizations decreased 55 percent in the past two years. Security attacks and breaches, specifically, contributed 33 percent to the decline, up from 20 percent in 2006. Sixty-five percent of organizations reported losing confidential data during the same period. Thirty-four percent of the losses were due to security attacks and breaches, up from 22 percent in 2006.
"U.S. businesses and governments recognize it doesn't take much to shake consumer confidence, and they recognize the need to do all they can to assure consumers and constituents," said Lina Liberti, vice president at CA Security Management.
Sixty-one percent of organizations reported that compromised security caused loss of productivity; 35 percent said it caused loss of trust and confidence; and 33 percent expressed embarrassment. The primary reason for information loss and decline in customer satisfaction was due to the changing nature and source of security threats, organizations said in the survey, The CA 2008 Security and Privacy Survey.
Internal security threats rose in 2008. Forty-four percent of organizations said internal breaches caused key security challenges over the 12 months preceding the survey. In 2003, only 12 percent organizations said internal threats were of concern. Virus attacks, however, declined from 68 percent in 2006 to 59 percent in 2008, network attacks from 50 percent to 40 percent and denial-of-service attacks from 40 percent to 26 percent.
"Businesses used to worry about the hackers and thieves launching denial of service attacks from outside the firewall, now they recognize that their greatest danger lurks within the organization,” Liberti said. “The good news is that increasingly businesses are turning to identity and access management solution to ensure that confidential data is safeguarded and available only to the people within the organization who genuinely need to have it."
The number of organizations reporting that they would roll out Identity Access and Management technology in the next 12 months to 18 months increased by 11 percent—from 49 percent in 2006 to 60 percent in 2008. IAM technology enables organizations to facilitate and control access by users to applications and resources while protecting confidential personal and business information from unauthorized access. Eighty-five percent of organizations reported that they already us an IAM solution, of which 75 percent plan to make further investments in the next year.
“The potential aftershocks of an internal breach have the attention of both the business and IT organization, and for enterprise organizations the priority has now shifted from reactive to proactive security strategies to deal with this threat.” Liberti said.
Fifty-seven percent of organizations said they spend 20 percent or more of their time on ensuring IT security compliance and 56 percent said they spend 20 percent or more of their IT budget on ensuring IT security compliance.
However, 32 percent of security executives feel spending on IT security is too low. Furthermore, a majority of consumers feel that organizations do not spend enough to improve online security and privacy; 58 percent said financial institutions do not invest enough on online security and privacy.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment