Search Blog
Blogroll
  • Alan Fustey
  • Becky Wong
  • Bert Griffin
  • Blair MacDougall
  • Blake Goldring
  • Brett Baughman
  • Camillo Lento
  • Chris Delaney
  • Cynthia Kett
  • Darren Long
  • Desmond Jordan
  • Don Shaughnessy
  • Doug Lamb
  • Ed Olkovich
  • Eva Sachs
  • Evelyn Jacks
  • Gail Bebee
  • Gerald Trites
  • Gordon Brock
  • Guy Conger
  • Guy Ward
  • Heather Phillips
  • Ian Burns
  • Ian R. Whiting
  • Ian Telfer
  • Jack Comeau
  • James Dean
  • James West
  • Jeffrey Lipton Fairmont Gloucester
  • Jim Ruta
  • Jim Yih
  • Joe White
  • Jonathan Chevreau
  • Kenneth Eng
  • Larry Weltman
  • Malvin Spooner
  • Mark Borkowski
  • Marty Gunderson
  • Michael Kavanagh
  • Monty Loree
  • Nick Papapanos
  • Norma Walton
  • Pat Bolland
  • Patrick O’Meara
  • Paul Brent
  • Peter Deeb
  • Peter Lantos
  • Riaz Mamdani
  • Richard Crenian
  • Richard Warke
  • Rick Atkinson
  • Rob Peers
  • Robert Bird
  • Robert Gignac
  • Sam Albanese
  • Stephane Ruah
  • Steve Nyvik
  • Steve Selengut
  • Tammy Johnston
  • Terry Cutler
  • Trade With Kavan
  • Trevor Parry
  • Trindent Consulting
  • Wayne Wile
  • Categories
    September 2012
    M T W T F S S
    « Aug   Oct »
     12
    3456789
    10111213141516
    17181920212223
    24252627282930

    Tags

    When Internet security takes a back seat

    Terry Cutler

    By Terry Cutler.

    Why is it that those in charge of protecting the company’s security network, that database of sensitive customer data – bank cards, credit cards, bank accounts and personal information – don’t seem to spend the money to protect it? This is a question that is baffling to those in the data protection business, and may be more baffling in the years ahead.

    CEOs and Chief Security Officers (CSO) do not always see eye-to-eye on this problem. The CEO is budgeting the overall books, while the CSO is focused on his task, and can only submit for his budget. This is understandable. However, a recent survey (http://www.cioinsight.com/c/a/Security/Information-Security-Views-of-CEOs-CISOs-Diverge-Sharply-418309/) released by Core Security which highlights and demonstrates this separation over the security stance of the same company who has the potential to drop a company in a “click”.

    Staggering is the first word that comes to mind after a quick read of this benchmark. Only 15 percent of CEOs said they were very concerned about an attack on their network, and didn’t think their systems were under attack or even compromised. There is a large gap between CEO and CSO thinking.

    Sixty percent of CSO’s reported being very concerned about attacks and reported their systems were already penetrated. Yet with all the breach threats filling the news, and the numbers in dollars lost rising with each attack, or even a threat, the report unearthed that 36 percent of CEOs don’t deem it necessary to get a security briefing from the member of their own security team. It is inevitable. With large customer databases becoming the norm with big companies, the norm for hackers is to go after the company. Decide this at the board level, or decide how to fix it later, of course at a loss of reputation and customers and millions.

    It isn’t fashionable to call Internet security unimportant, yet CEO’s continue to scoff at filtering money in that direction. This is risk management of the grandest form. One breach can cost millions. As I have written in previous blogs, that extra money may go to training that one employee not to “click”, or maybe not?

    It’s the CEO’s call.

    The MONEY® Network