The most effective data security strategy involves a modern approach that uses technology to protect applications and databases alongside traditional approaches, according to a new survey.
For example, web application firewalls were among the top five rated technologies for reducing the number of data breach incidents. Others technologies included network data loss prevention, full drive encryption, server/endpoint hardening, and endpoint data loss prevention.
Survey participants said malicious intentions were behind 62 percent of data theft. Insider breaches comprised 33 percent of incidents while hackers comprised 29 percent. The remaining breaches were accidental.
Nearly two-thirds of organizations either didn't know if they suffered any data breach incidents, or stated that they didn't experience any. Of those that did, 46 percent saw a decline in breaches while 27 percent reported the same number of breaches from the previous year.
The survey also found that enterprise data security initiatives have accelerated data security as data theft and monetization become the ultimate goal for hackers and malicious insiders. Intense regulatory scrutiny continues to drive many data security initiatives. In fact, 88 percent of respondents noted that PCI-DSS was the primary driver for their information security program. Organizations are challenged with securing their data and maintaining regulatory compliance while controlling cost, complexity and risk.
The survey was sponsored by Imperva, a provider of data security solutions, and conducted by analyst firm Securosis among 1,100 U.S. and multinational IT security practitioners. Organizations across all major vertical markets and company sizes were surveyed. The survey focused on uncovering what technologies security practitioners find successful to mitigate breaches and comply with security mandates.
Comment from Amichai Shulman, Imperva's CTO: Data security is an emerging practice requiring practitioners to navigate numerous mandates, threats and technologies. This survey will help security teams identify what their peers find successful and hopefully help make improvements to their own strategy and operations.
Comment from Rich Mogull, CEO and analyst with Securosis: This survey illustrates that data security as a practice has transitioned past early adopters and significantly penetrated the early mainstream of the security industry. Given what's at stake, we are pleased to put numbers behind what we all hoped - that organizations are starting to take data security more seriously.
Contact: http://www.imperva.com
Contact: http://securosis.com/blog
No comments:
Post a Comment