Security Lessons Learned from 2014: The Year of the Mega Breaches

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Security Lessons Learned from 2014: The Year of the Mega Breaches-4 Next

Change in Spending Focus

The study showed that the increased spending was most heavily focused on the task of keeping cyber criminals off of the network, as evidenced by the top five post-Target security investments: security incident and event management (SIEM) (50 percent), endpoint security (48 percent), intrusion detection/prevention (44 percent), encryption/tokenization (38 percent) and web application firewalls (37 percent). A much smaller percentage of respondents invested in sensitive data management (9 percent) and data classification (8 percent) tools, which assist in finding data that could be vulnerable and remediating the issue before a breach occurs.

A major lesson businesses continue to emphasize that they learned this past year is that any organization, regardless of size, is vulnerable to a data breach. Starting with the infamous Target breach in late 2013, which compromised millions of consumers, continuing to the Sony attack that saw personal information exposed, and now the massive breach at Anthem, well-known entities have endured financial and reputational damage due to breaches.

In a Ponemon Institute study, commissioned by sensitive-data-management-solution provider Identity Finder, called "2014: Year of the Mega Breaches;" 735 IT and IT security practitioners were polled to gauge how their organizations reacted — both attitudinally and through IT security investments — to the Target breach in 2014. The study also explored details about breaches that some respondents' businesses had experienced.

According to the study, organizations are more aware of data breaches, but many continue to invest in solutions that have failed to keep cyber criminals out — for example, JP Morgan Chase spent $250 million on security prior to its breach last year — and those organizations are failing to invest in areas that could empower them to shrink the amount of data that cyber criminals can steal in the first place. In this slideshow, Todd Feinman, CEO, Identity Finder, highlights findings from this study.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.