Concerns about data loss are clearly a burning issue among enterprise
information officers at present.
At the CSO Interchange – a forum for chief security officers – held in London
recently, 60 per cent of the senior security professionals present professed to
having only "some idea" as to where their customer data is stored and "limited
controls" over it.
Alarmingly, nine per cent of those present had not even yet considered data
loss as a specific issue, although 72 per cent see the impact of payment card
loss on brand reputation as their biggest concern.
Speaking at the event, cross bench peer, Lord Erroll, a member of the House
of Lords Science and Technology Committee, described the recent HMRC data breach
as a "godsend".
"With luck the missing CDs have ended up in a landfill site, but this fiasco
will force the government to start taking security seriously and the powers of
the Information Commissioner's Office will be strengthened," he said.
Philippe Courtot, chairman and CEO of Qualys and co-founder of the CSO
Interchange added: "More than 70 per cent of the security professionals
attending CSO Interchange indicated that securing their networks and therefore
the confidentiality of their electronically stored data is now harder than ever.
The HMRC breach and other recent media stories are forcing this into the open
as a public issue. We must take these matters seriously and rethink the way
security is provided online."
Managing risk was clearly seen as the biggest driver behind security strategy
and executives know they need to improve at this. Half of those surveyed felt
that they could do better at articulating the impact of risks within their
organisation as well as the impact of mitigating them financially.
There was clear recognition too for the risks posed by insiders within their
organisation – with 75 per cent citing this as greater than the risks from
outsiders.
Do you agree?
Have your say on this article