1Cyber-Crimes Not Just Impacting a Few Companies
2The Majority of Enterprises Have Experienced a Data Breach
3Virus-Infected Web Pages a Serious Problem
4Investments in Cyber-Security Going up the Charts
More than $60 billion was spent worldwide on cyber-security in 2011. The U.S. federal government spent $9 billion of that total in 2011 and is expected to spend $14 billion yearly by 2016—despite expected cutbacks in the federal budget.Â That computes to a 9 percent per-annum growth, versus 2 percent for the overall IT market. It is a high priority among IT decision makers.
SINET panel speaker Ernie Hayden, managing principal of energy security with Verizon’s global energy and utilities division, shared this nightmare-inducing factoid: “Ninety-seven percent of all [electrical] circuit miles wired in the U.S. are not covered by any cyber-security standards.” Does the term “sieve” come to mind?
6So Much Data to Protect
7So Many Devices to Protect
The so-called “Internet of Things,” term to describe the preponderance of connected endpoint devices, is projected to total more than 50 billion connected devices by 2025. It was estimated at 2.5 billion in 2011. At last guess, there were just over 7 billion people inhabiting the Earth, according to the U.S. Census Bureau. http://www.census.gov/main/www/popclock.html
8Every Connected Device is an Entry Into the Internet
9No BYOD for the Federal Acronyms
Certain agencies of the U.S. government—namely the classified sector (NSA, FBI, CIA and the military)—are often early adopters at the forefront of IT threat, challenge and innovation vectors. However, according to Debora Plunkett, information assurance director of the National Security Agency, you will never see those agencies embracing the “bring your own device” trend that an increasing number of enterprises are adopting. If you work for one of those sectors, you will use a company device for work—period. Security reasons are fairly obvious.
10Has Compliance Killed Security Innovation?
From Joe Sullivan, chief security officer for Facebook: “Too many security professionals have evolved into compliance professionals. A good IT security professional understands coding and the technology, but also usability and design. Too many of the products we see have one or the other, or neither, because they are focused on: ‘We are a compliance solution.’ Compliance standards exist to tell us what we need to do to manage risk. But if the compliance standards were so good, then we wouldn’t have had all these breach stories of the last few years.”