Wednesday, January 25, 2017

Too much expenditure in threats for a data that is so sensitive.

The Report of the week

A lot has been written about the advantages and disadvantages of fragmented databases. In major organizations there is no other resolution, if we want to decongest the network traffic. But that need also involve risks and challenges around it insurance to prevent leaks, violations of information or inadequate treatment. 
Business managers trust the systems that they use, but the growing complexity of the organizations is also a way to find more vulnerabilities.

It is one of the most relevant conclusions of the last study by Varonis (Forrester) titled "The Data Security MoneyPitExpense In Depth Hinders Maturity". According to this study , The change from a product-based strategy to a platform-based one is a transformation vector for enterprise data security. "Data security managers hope to improve their ability to respond to security loopholes, reduce costs and complexity", claim Forrester. So, investing in multiple technology solutions is not the solution, because it neither makes the company mature nor does it allow for a "unified security strategy".

The idea of ​​"maturity" is not trivial. When professionals are asked about their data security strategy, three-quarters (76%) respond that it ismature. However, almost all respondents (93%) acknowledge that multiple technical challenges persist to protect these data.The study also identifies a essential problem: organizations are more concerned about external "threats" than their own data, and the lack of control is accentuated by particularly sensitive data.

According to the report made by the specialized blog InfoSecurity, at this point, in the sensitive data, the risks are around 6 out of 10 respondents:
  • 62% have no idea where these data reside when they are unstructured.
  • 66% do not classify them in the most appropriate way.
  • 59% no cuenta con un modelo de privilegio mínimo (o de menor autoridad).
  • 63% do not audit their use or alert for possible abuse.
The contrast between specific solutions and data protection-oriented strategies is present throughout the study. An approach that can provide a false sense of security by neglecting internal fronts with the same or greater potential for harm. "Too many organizations are looking for tools that specifically address ransomware, but neglect to support core defenses that would mitigate more than this specific threat," explains the President of Strategy and Market Development.

In addition to this study that calls for an end to this Expenditure in depth (*), this week we should also mention an analysis of the use of encrypted e-mail, which is increasing but is not yet a universal system; And one developed by Intel on the change of customs and customs in the family environment, with data as curious as this ... Three out of four parents (76%) let their children go to bed with a device connected to the Internet.

(*) The concept Depth of Expenditure is usually linked to cybersecurity studies and identifies policies of expansion in cost without apparent return, by choosing inappropriate solutions for the challenges faced by a firm when it comes to addressing its risks. 


Post a Comment