11 Data Issues That Keep IT Security Pros Up at Night

 
 
By Chris Preimesberger  |  Posted 2016-04-27
 
 
 
 
 
 
 
 
 
  • Previous
    11 Data Issues That Keep IT Security Pros Up at Night
    Next

    11 Data Issues That Keep IT Security Pros Up at Night

    A new Ponemon study uncovers what's really keeping IT security professionals up at night. Here are the key takeaways from the report.
  • Previous
    Security Pros Don't Know Where All Sensitive Data Is Located
    Next

    Security Pros Don't Know Where All Sensitive Data Is Located

    According to the report, 62 percent of surveyed security professionals are concerned over their inability to have complete visibility into where their organization's sensitive or confidential data resides.
  • Previous
    The Struggle to Quantify Risk of Sensitive Data
    Next

    The Struggle to Quantify Risk of Sensitive Data

    The lack of confidence in knowing the location of sensitive data is compounded by the fact that more than half of security professionals struggle to understand the true risk to data contained in databases, emails and files.
  • Previous
    Data Breaches Top List of IT Security Risks
    Next

    Data Breaches Top List of IT Security Risks

    The consequence of not knowing the location and risk of sensitive data is that security professionals are unable to protect their organizations from data breaches. More than one-third of respondents cite data breaches as the top IT security risk facing their organization. Employee/user negligence is reported to be the second-biggest risk, while noncompliance and malware/advanced persistent threats are considered the least risky.
  • Previous
    Automated Security Is on the Rise
    Next

    Automated Security Is on the Rise

    More than half of survey respondents reported that their companies are using automated solutions to discover sensitive data and protect it from a potential breach. Sixty-four percent say their automated solution is developed in-house, rather than provided by a third-party vendor. That is a surprisingly high number—to eWEEK at least.
  • Previous
    Uncertainty Around What's Actually Being Tracked
    Next

    Uncertainty Around What's Actually Being Tracked

    Although many organizations use automated solutions to gain visibility into user activity around sensitive data, nearly half of respondents admit they don't actually know what is being tracked. Even among security professionals who do have this insight, there remains a discrepancy between what user activity is actually being tracked versus what should be tracked, particularly when it comes to privileged-user access, cross-border transfers, high-volume access and new proliferation of data.
  • Previous
    Data Classification Tools Are Most Effective in Stopping Breaches
    Next

    Data Classification Tools Are Most Effective in Stopping Breaches

    Nearly three-quarters of respondents use data classification tools to improve data security. The most commonly used data classification tools are data monitoring (69 percent), followed by encryption or tokenization (61 percent) and data discovery (55 percent).
  • Previous
    Commercial Solutions Don't Address User Behavior Risks
    Next

    Commercial Solutions Don't Address User Behavior Risks

    While there are a seemingly endless number of security and risk management vendor solutions in the market, about two-thirds of respondents report difficulties finding commercial solutions that help mitigate behavioral risks such as employee/user negligence or malicious insiders. As a result, IT security teams either go without these protections or are forced to build them in-house.
  • Previous
    Intelligence Analytics Increasingly Are Critical
    Next

    Intelligence Analytics Increasingly Are Critical

    When asked to predict the process-focused security controls that will be most relevant during the next three to five years, more than half of respondents named security intelligence analytics to identify risk and threats. Threat feeds and intelligence sharing (45 percent), advanced authentication and identification solutions (40 percent) and user provisioning and identity management (37 percent) are also noted as becoming increasingly critical.
  • Previous
    Cloud Gateways Will Be Key in Coming Years
    Next

    Cloud Gateways Will Be Key in Coming Years

    Security professionals expect that cloud-service brokers and cloud application gateways (40 percent) and user awareness training (39 percent) will be the most relevant target-focused security controls in the coming years. Respondents also cite information protection and control (such as data loss prevention, tracking, masking and encryption) and database firewall/activity monitoring.
  • Previous
    Threats, Budgets Drive Security Program Changes
    Next

    Threats, Budgets Drive Security Program Changes

    Sixty-seven percent of respondents say that changes to their organization's IT security programs are dictated by immediate threats and vulnerabilities. The second-most common driver of change is budget and resource constraints.
  • Previous
    Shadow IT Will Pose the Next Big Security Challenge
    Next

    Shadow IT Will Pose the Next Big Security Challenge

    According to respondents, over the next three to five years, the industry trends that will have the biggest impact on decisions related to their organization's security programs are the consumerization of IT/shadow IT, mobility and increased sophistication of attackers.
 

Faced by a continually evolving barrage of threats, security professionals seemingly must sleep with one eye open to keep their organizations secure. But with so many risks, how do security professionals prioritize? The Ponemon Institute partnered with Scale Venture Partners and Informatica to uncover what's really keeping security professionals up at night. The study surveyed 432 IT security practitioners on their top data security concerns and their approaches to keeping their organizations safe. According to the findings, security professionals cite data breaches as their top concern, yet a surprisingly high number do not possess the tools necessary to gain visibility into where sensitive data is located or quantify the risk of compromise associated with that data. This eWEEK slide show highlights these and other key takeaways from the Ponemon Data Breaches and Sensitive Data Risks report. If you are interested in learning more, read this blog post by Ariel Tseitlin, partner at Scale Venture Partners, which summarizes key findings from the report.

 
 
 
 
 
Chris Preimesberger Chris Preimesberger was named Editor-in-Chief of Features & Analysis at eWEEK in November 2011. Previously he served eWEEK as Senior Writer, covering a range of IT sectors that include data center systems, cloud computing, storage, virtualization, green IT, e-discovery and IT governance. His blog, Storage Station, is considered a go-to information source. Chris won a national Folio Award for magazine writing in November 2011 for a cover story on Salesforce.com and CEO-founder Marc Benioff, and he has served as a judge for the SIIA Codie Awards since 2005. In previous IT journalism, Chris was a founding editor of both IT Manager's Journal and DevX.com and was managing editor of Software Development magazine. His diverse resume also includes: sportswriter for the Los Angeles Daily News, covering NCAA and NBA basketball, television critic for the Palo Alto Times Tribune, and Sports Information Director at Stanford University. He has served as a correspondent for The Associated Press, covering Stanford and NCAA tournament basketball, since 1983. He has covered a number of major events, including the 1984 Democratic National Convention, a Presidential press conference at the White House in 1993, the Emmy Awards (three times), two Rose Bowls, the Fiesta Bowl, several NCAA men's and women's basketball tournaments, a Formula One Grand Prix auto race, a heavyweight boxing championship bout (Ali vs. Spinks, 1978), and the 1985 Super Bowl. A 1975 graduate of Pepperdine University in Malibu, Calif., Chris has won more than a dozen regional and national awards for his work. He and his wife, Rebecca, have four children and reside in Redwood City, Calif.Follow on Twitter: editingwhiz
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel