« The Tougher Challenges of SOA: Talking With iTKO | Main | You Stink! Spam »

Dark Reading has an excellent article on the everlasting security debate, i.e. do the greatest risks to a company come from inside or outside, internally or externally. And unless your company is named, We Leak Data, I think the question is relevant to your company as well.

A recent study by Verizon found that while a majority of breaches are executed from the external, it is often instigated because of a slip-up or security short-cut initiated by someone inside the company, and is usually a vulnerability that has been overlooked for a lengthy period of time. More specifically, the study found that 73 percent of data breaches resulted from external sources. This includes breaches caused by business partners, a source of vulnerability that increased fivefold during the study. Only 18 percent of breaches were caused by insiders.

The study also asserts that 62 percent of data breaches can be attributed to a significant error in internal behavior. Sixty-six percent of the breaches involved data that the victim organization did not know was on the system, and 75 percent of breaches are discovered by a third party, rather than someone inside the organization.

Verizon concludes that it's not always about complex security hacks that need sophisticated security measures to stop them, but what's really needed is a focus on the basics, i.e. security training. So most breaches are crimes of opportunity, as in, if you leave your keys in the car at the ballgame, don't be surprised when your car isn't there when the game ends.

And as ebizQ has just recently hired an excellent editorial intern named Jessica Mola, and as she's already learned all the difficult things to do (she's picked them up quite quickly, I might add), I guess it's time to go back and show her the security basics.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/3511