Security Pipe Dream for many
Security is a pipe-dream, few enterprises are fully protected from events that have occurred in the past several months. All one has to do is to look at the recent cyber attacks at Uber and Experian. In both of those cases, the CIO and/or CSO were blamed and left the organization.
Not many CIOs and CSOs feel they have 100% of their security risks covered. In a recent survey that was published in NetworkWorld:
- 55% said that was the case
- 40% said they hope the had all of their security bases covered
- 6% said that they did
With only 6% saying they had all of their bases covered there are many opportunities for security hackers and data breachers to attack the systems in place.
Now that we know that a security breach may occur, how sure are these same CIOs and CSOs that they will be able to react in time? The first step is detection that a hack or breach has occurred. In another survey by Janco Associates, we found that in midsized and large enterprises:
- 35% had a detection solution in place and they automatically quarantined the server(s)
- 43% had a detection solution in place but had to “manually” quarantine the server(s)
- 23% had to “manually” put the server(s) offline when they found out they had a problem
When you put these two sets of data together, you conclude that less than 2% of enterprises are protected adequately enough to prevent a major security hack or breach occurs.
ISO 27000, Sarbanes-Oxley, and HIPAA Compliant
Experts Agree You Should Update Your Plan Annually
Security is a critical concern during the recovery process
It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don’t have a disaster recovery plan or haven’t updated yours recently, now is the time to take this critical step to protect your business.