Feeds

IT Security: Podium place or first round shame?

The Reg Readers have spoken

  • alert
  • submit to reddit

High performance access to file storage

Tech Panel The results of our Security Poll are in, and like medal-toting 'Team GB', they show that being game counts a lot. The entire report is now available for consumption over in our whitepaper library - grab your very own copy today.

A big thanks to the 1,100 fine folk who took part in the poll, the warm up to our forthcoming Security Debate in September. You told us straight up that IT security remains an important issue. However, it’s clear that between organisations, IT security practices vary considerably.

In fact, leaving technology aside and concentrating on some behavioural and attitudinal attributes highlighted some serious differences. We separated out the two extremes: organisations scoring very high or very low on levels of security awareness and availability of training, and how seriously IT security is taken by senior management, the workforce and the IT department. Then we compared the socks off them.

So was it worth it? Yessirree.

Broadly speaking, the leader group considers itself to be much better protected against a range of security threats. There’s a certain level of confidence generated by being up for it, it seems.

But does it make any actual difference? Well, yes, especially in more complex risk areas such as website defacement or corruption, where we found the laggards to be three times more likely to suffer.

Continuing the leaders and laggards theme, a number of other ‘good behaviours’, in policy, communication and tooling became clear.

While IT security policy across the sample is all over the place, leaders are twice as likely to have a comprehensive policy in place. When it comes to tools in use, it seems that being up for it includes being far more likely to be getting to grips with some of the more complex IT security solutions – vulnerability testing, intrusion protection, event management and behavioural analysis - to name a few.

But what spark, or otherwise, separates the leaders from the rest?

A big clue lies in the degree of communication. You’ll like this, because it supports the ‘we’re not bloody mind readers’ angle that IT often has to take with the business. Essentially, the leaders understand that IT isn’t a bloody mind reader, and have thus got better at prioritising the risks their businesses face, and at communicating them to IT. Furthermore, they are streets ahead when it comes to communicating all this to the workforce. These rather simple capabilities could be a fundamental reason for the chasm between the effectiveness of the leaders and the laggards.

Ultimately, it will always be worth reviewing the IT security situation in any organisation and determining what improvements can be made. This is particularly true when it comes to communication, as time and again we see that ‘the threat within’ ranks higher as a risk factor than any other issue.

Whether you feel like a leader, laggard or inbetweener, if you have something to learn or something to share, sign up for the Security Debate 24 Sept and come and have your say.

In the meantime, our shiny new report based on the findings from the study will further whet your appetite, so grab a copy today. ®

Top three mobile application threats

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.