Are You Prepared for a Breach?

Sue Marquette Poremba

Recently, we reported on the struggle within the health care industry to protect information from breaches. She wrote:


According to eSecurity Planet, the average health care organization experienced 2.4 significant data breaches in the past two years, resulting in costs of more than $2 million per organization. In fact, U.S. health care organizations are forking out more than $6 billion a year due to data breaches. The most common reasons for these expensive and embarrassing incidents are unintentional employee action, lost or stolen computing devices and third-party error.

But the problem doesn't stop with the health care industry. Solera Networks released the findings of its 2nd Annual Network Forensics survey this week, and, well, the news didn't look very promising. Highlights of the Solera Networks survey include:


  • 82 percent said that it's likely they will experience a significant security incident within the next 3 years.
  • 96 percent feel threatened by employee Web activity, and 71 percent fear that instant messaging poses security threats.
  • 92 percent expressed concern over lengthy recovery times.
  • 64 percent of respondents said they don't have the data or tools to efficiently determine the full scope of security incidents. 20 percent said it's "impossible to determine scope."
  • 96 percent recognize the value of real-time situational awareness and network forensics, yet only about 19 percent say they have the capability.

One thing that jumped out at me was the overwhelming concern about employee Web activity and the potential threats it can cause, because that's an issue that can be addressed with an enforced security policy that covers access to Internet activities.


Overall, it doesn't seem like enterprises as a whole are prepared to handle a major security threat. What I'd like to see next is a survey that investigates whether these companies are taking steps to lessen their concerns or whether they shrug them off until their network is attacked.
