security

7 data security trends for 2014

Data thieves are diversifying their methods of attempting to steal sensitive information, says a new report from Trustwave. The research, gathered from 691 data breach investigations from 2013, shows that cybercriminals are increasingly targeting sensitive and confidential information in a variety of new ways, while still exploiting old vulnerabilities to compromise security among individual employees.

scyther5 / bigstockphoto.com

scyther5 / bigstockphoto.com

Below are our 7 highlights from reviewing the report.

  1. Credit cards are still a top priority for would-be data thieves, with 55% of data thefts in 2013 involving payment card data
  2. Thieves are more interested in private information, with thefts of sensitive and confidential information increasing 33% in 2013
  3. 59% of data breach victims live in the US, far ahead of the 2nd most-targeted country, which was the UK at 14%
  4. Retail is the most commonly targeted industry, making up 35% of all attacks. Food and beverage came in second at 18%, and hospitality third, at 11%
  5.  The top 3 subject lines of spam emails were:
    1. “Some Important Information Is Missing”
    2. “Bank Statement. Please Read.”
    3. “Important—Payment Overdue.”
  6. Data thieves love Java. 78% of data thefts involved taking advantage of Java vulnerabilities
  7. Overall, 85% of cybercriminal activity involved exploiting third-party plugins, including Java, Flash and Adobe Reader

Overall, Trustwave recommends first educating employees on best practices to enforce security, and then focusing on strengthening passwords. DRaaS may also be an effective tactic for enterprises concerned about maintaining their security in 2014.

IT may be succeeding at redefining its business role, says new research

Guest author: Ed Konopasek, VP, Cloud and Data Center Solutions

The IT department has recently been in the spotlight as it works to reshape itself to provide more direct business value. New research shows that this heightened focus is paying off. The report from global consulting firm Protiviti shows that 63% of CIOs and IT professionals are noticing a “major IT transformation” happening in their organizations, as IT works to deliver more business value and tighten security measures. The respondents also noted a significant shift in IT’s activities, away from supportive activities (“keeping the lights on”) to become a key part of major business decisions.

Bigedhar /Bigstockphoto.com

Bigedhar /Bigstockphoto.com

More takeaways:

  • Topics related to cybersecurity and managing data privacy consistently were ranked among the highest priorities by respondents
  • Another top priority was managing and securing ever-growing amounts of data, a process that will likely continue to grow in prominence
  • Interestingly, adding business value was ranked a higher priority than securing company data, perhaps reflecting a growing view that data security and business planning should go hand-in-hand
  • Respondents also ranked monitoring IT costs as a very high priority, reflecting the continued efforts to control IT spending against growing data and computing needs

What’s the top priority in your IT organization this year?

93% of companies who suffer a data loss are out of business in 5 years

Guest author: David Kinlaw, Practice Manager, Data Protection and Availability

Send this to a businessowner you know, because you read that right: If you suffer any kind of data loss, chances are you’ll be looking for new employment by the next Winter Olympics. This statistic is particularly relevant for SMBs, who tend to run higher risks of security breaches than their larger counterparts.

Research from Ponemon shows that 58% of IT leaders in small- to medium-sized businesses don’t see cyberattacks as a significant threat to their businesses. If that’s not startling enough, Ponemon also found that the average security incident among SMBs costs around $1.6 million to resolve—is that in your budget?

Melpomene/Bigstockphoto.com

Melpomene/Bigstockphoto.com

With the Target data breach now nearly legendary status, and the recent Heartbleed flaw, it’s time for SMBs to start taking security seriously. In the 12 months preceding this publication, one in three SMBs didn’t even know if they had suffered a security breach, and 42% said that they had experienced some kind of attack. Significantly, Ponemon found that the more senior the respondent, the less certain they were about if they had suffered a breach—meaning that those with the power to implement better security are unfortunately unaware of how serious this issue really is.

A big step towards closing this gap is implementing a disaster recovery plan, or partnering with an experienced disaster recovery provider to create a cloud-based (and surprisingly affordable) DR plan. Also consider tighter security on mobile security policies, since a lost mobile device is a leading cause of lost data. Finally, look for ways you might be able to free up time for your in-house IT resources to focus more on security, perhaps by moving more operations to secure cloud environments and/or outsourcing and automating more IT tasks.

Cloud security still a top concern for CIOs

A new Open Data Center Alliance (ODCA) membership study shows that even though cloud adoption is rapidly growing, security concerns are the top factor limiting the use of it entirely. This is likely due to the lack of proper standardizations. Organizations need to understand the full security measures of their cloud service provider and how they impact their organization.

Melpomene/Bigstockphoto.com

Melpomene/Bigstockphoto.com

These worries about security are likely based on recent events, such as data breaches, data loss, account hijacking, unmanaged APIs, shared technologies in one cloud and lack of security processes with the large volumes of data. Overall, 67% of respondents said that security is a limiting factor in their cloud plans, although this is down from 80% in 2012, reflecting a growing trust in the cloud. Worries about reliability are down as well, with only 36% of respondents expressing concern, down 8% from 2012. However, more CIOs are concerned about regulatory issues (56%) and vendor lock-in (46%), both of which are up from 2012.

Is security a major challenge for your organization when using the cloud?

Healthcare and the cloud: Balancing security with accessibility

A new study at MarketsandMarkets published that the healthcare industry will invest $5.4 billion in cloud computing by 2017. The healthcare sector is seeing huge benefits from utilizing the cloud. Doctors, clinics, and hospitals can access information quickly in the cloud, and also removes the physical barriers of sharing information across the system. It provides these large health systems the opportunity for more accurate information and better customer service.

Idrutu/Bigstock

Idrutu/Bigstock

However, there are the security and privacy concerns that must be considered in working with HIPAA and Meaningful Use regulations. With 20.5% of healthcare moving to the cloud in 2014 (4% in 2013), these concerns are real and need to be addressed at the cloud service provider level. With cloud services projected to save the healthcare industry $11 billion over the next three years, it has become a top priority for healthcare organizations.

 

Hype or Ripe:  Can cloud services manage the rising demand of healthcare organizations moving to the cloud?

Page 1 of 1312345...10...Last »