February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Top Ten Security 2008 | Main | Future Security Threats »

December 05, 2007
Will We Ever Get Human 2.0?

Another day, another data breach survey...you know, I'm really starting to feel like data breaches are becoming the leading cause of statistics. But this most recent one, found over at Dark Reading, is interesting, as it points out that, as you buy every gadget and gizmo to protect your precious data, it's the human-driven data leak that remains the leading cause of most data disasters.

This survey, undertaken by the Information Security Forum (ISF), studied 887 leaks, and found that most leaks were accidental and non-technical. This survey is a bit different in that, as there have been numerous insider-attack surveys, most focused on online leaks while ignoring the types of data leaks that have been around since before there were targeted data attacks (yes, there once was a time).

These data slips -- like sending an email to the wrong address, or sensitive documents left at the copy machine, or employees simply leaving the office with high-priority data -- are generally accidental and not malicious, and feature the one indispensable, unupgradable element: the human being. This human being often loses data simply by not thinking: by being overheard in a restaurant, by being shoulder surfed at a coffee shop, or even leaking the data on social networking sites.

Some of the data losses were less expected, like "print screen" capabilities or screen shots saved on mobile devices, or meta data hidden within a file.

But until the human 2.0 version comes along (better security, more memory, better looking), the best way to stamp out these types of leaks is through pure security awareness. As Simone Seth, senior research analyst at ISF says. "I know it's a tired phrase, but we're talking about human behavior here, and the only way to correct the problem is to correct the behavior." Enterprises need to enforce security policies so that there are consequences for leakage, she says.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2937

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map