Organizations often focus on the potential benefits of emerging technologies, increasingly, the idea of getting involved in high-profile tech trends that include big-data, cloud computing, BYOD, and mobility, increasingly feeds a focus on security.
In fact, more than half (52 percent) of organizations report that these new technologies and fear of data breaches surpass even compliance as a driver, according to a study released last week by Vormetric. Tina Stewart, vice president of marketing at Vormetric, said in a press release:
The security landscape has evolved considerably over the past 18 months. With advanced persistent threats recurring headline news, and as more organisations embrace the merits of cloud computing and Big Data, it is essential that enterprises ensure their IT infrastructure is geared up to keep pace with the changing market.
Organizations are coming to realize that compliance, while important, may not be the most important driver of security. Vormetric’s Protect What Matters — Data Security survey, which polled more than 450 people, identified the need to protect the organization’s brand (64 percent) and observing security best-practices (32 percent) should motivate data protection efforts. Compliance, meanwhile, captured only 22 percent of the votes, putting it in third place.
The good news is that more money is being allocated to initiatives that support a strong security stance. In fact, 42 percent of those surveyed said that security budgets are on the rise, while 39 percent said that budgets have remained the same. Only six percent experienced a funding downturn. “Organizations are putting more money toward data security,” Steward told IFSEC Global in an interview. “The combination of new technology challenges with a variety of news breaking data breaches means that the threat is becoming very real for people.”
Increasingly, organizations are starting to understand that cybercriminals are monetizing data stolen from organizations — and that they are heavily focused on maintaining a stream of saleable information. “In the underground market economy, data is money, and much like any other market economy, principles of supply and demand drive it,” said Ed Ferrara, principal analyst at Forrester Research in a January 2013 report titled “Measure The Effectiveness Of Your Data Privacy Program.” Simple identity theft pays about $2,000, on average, but a thief using a medical ID number can earn an average payout of $20,000 for a medical record.”
With that in mind, spending is largely focused on protecting data and identifying technologies that work to stop or mitigate sophisticated attacks, such as advanced persistent threats (APTs) or malicious insiders, focusing on capturing corporate data. Encryption with access controls tops the list for locking down data, while many organizations add log management and database activity monitoring (DAM) to identify unusual usage patterns that indicate a problem, the study found.
Let’s discuss amongst ourselves. How have these technology trends impacted your organization’s corporate IT security policy? Where do you think we’ll be in the coming year?
Free Download: The Video Surveillance Report 2023
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
New Techology has come to my work place and been met by varying results. We don’t really have Big Data projects so it has been largely ignored. BYOD scares the heck out of the higher ups in the IT department so it has been shunned like the plague. And Cloud computing has been seen as a revelation is attempting to be adopted in everyway it can, so its been a sort of mixed bag around here. With the adoption of cloud computing and the rejection of byod we have seen many security initiatives launched to ensure that cloud computing is… Read more »
New technology has brought in benefits as well as risk to business. We need to be careful on both the virtual security and the physical security aspect of the business.
@Shehan Ahamed, as a general rule everything is a mixed bag. No technology comes without costs and most have some benefits. It’s important, then, to do appropriate risk analysis and move forward accordingly.
Jonathan, when it comes to BYOD, you can run but you cannot hide. I suspect that your IT higher ups are ostriches hiding their heads. People are bringing mobile devices to work–and keeping them out takes vigilance. I find myself wondering what the consequence of ignoring the ban is as stated? Has it been enforced?
Hailey, I have not really witnesses too much enforcement and usually the only way people get caught at it is when they will call the help desk with a problem and half way through trouble shooting the help desk realizes its not a company owned device and tell them they are on their own. So I guess you could say the consequence for ignoring the ban is that you lose out on company tech support. I dont know that it is the tech higher ups are ostriches because I have to admit over the past couple of years there has… Read more »
Big changes in management certainly would add to the usnteadiness of things. Policies, with clear consequences, are critically important–but it takes a change in the organization to be willing to create, enforce, and update (this last one is very often forgotten) them.
@ Hailey
Great point about performing appropriate risk assessment! One thing that many do not realize is, risk assessment is not a one time event. It should be done periodically, and also when there are any changes made to the system.
@ JohnathonL
Wow..three CTO’s in three years, I can see where the unsteadiness is coming from. Its probably tough on the other executives to make a decision having about BYOD with this type of unsettle.
yes, like in everything coin have both sides, but you could reduce the risk if you learn/know security/on-line safety… with good employee training(rules/policy in place) in virtual/cyber security and physical security Co. do have a good fighting chance:)
could not agree more, good point/idea technology/ideas do change at the fast pace… risk assesment should be in the same line as maint. and security patch updates…
Hailey, in my head BYOD represent high security risk… as I do see more and more of the Samsung Galaxy clones entering Canadian market… but 25% or more of this fake cellphones have malware/spyware build inside they Android OS by design… from the manf. production line… for now for a Co. BYOD policy should be if you have clone/no name smart phone – please leave it at the door…. better safe than sorry…
@Alexander Stephens
Your right, and I agree…technology security and technology maintenance should go hand-in-hand.
thank you, but the problem this days as global economy still in recovery everyone try to save buying clones or gray market goods with compromised OS… creating potential security risk….
You are right, Batye. Jailbroken phones are infinitely less secure than those in original condition. Organizations should lock out cell phones that are jailbroken without exception. I rarely beleve in blanket blocks but in this case it’s theonly way to create a secure environment.
You are right, Batye. Jailbroken phones are infinitely less secure than those in original condition. Organizations should lock out cell phones that are jailbroken without exception. I rarely beleve in blanket blocks but in this case it’s theonly way to create a secure environment.
yes, thank you, the problem everyone forgets nothing is free even jailbroken iphone… one way or other we pay for it on the long run with lost security… as a lot of the time you need one line of the hiden code to unlock port to gain admin rights of the access to the system…