IT security professionals weigh in on ideal punishment for serious data breaches
Websense, Inc. a global leader in protecting organisations from the latest cyber-attacks and data theft, has announced the results of a survey of 100 Australian security professionals. Nearly all respondents (98%) believe that the law should address serious data breaches that expose consumers’ data loss through punishments such as fines (59%), mandatory disclosure (65%), and compensation for consumers’ affected (60%). Twenty three percent even advocate arrest and jail sentence for the CEO or board members.
Respondents feel that companies that are not taking action against data loss and theft have it as an agenda item, but it’s not yet a high enough priority (38%). Furthermore, 41% say the CEO should hold ultimate responsibility should a breach arise. And the pressure is mounting, as 72% of all respondents believe the advent of the Internet of Things will make companies even more vulnerable to data theft.
Nearly three quarters (64%) of respondents say employees would connect to an unsecure WiFi to respond to an urgent request by the CEO or company executive; with even 42% of security professionals saying they would do so themselves.
As data theft disclosures hit the headlines, it appears to be inadvertently helping companies address the issues. More than half (62%) of security professionals feel the publicity has helped other companies create a case for budget, focus and resources. But nearly a quarter (24%) believe that the headlines have hindered this as they make companies feel powerless to protect against these attacks.
Bradley Anstis, ANZ Sales Engineering Manager at Websense explains: “Despite all of the large-scale attacks we’ve seen over the past year, many businesses still don’t recognise the risks they face and the potentially devastating impact of a breach. Businesses can no longer afford to ignore the risks or to waste time and resources implementing security solutions that aren’t tailored to meet their needs. It’s all about developing the right-sized security strategy for your business. But by taking a holistic, data-centric approach, IT security teams can gain visibility of their security gaps, identify the threats to their data and protect their critical information from data theft.”
Other Findings:
False Sense of Security
- 27% of respondents felt that companies believe their business would not be affected by data loss
- Nearly half (43%) felt that companies believe they are protected, but the technology being used is not appropriate to combat data theft
- 43% believe a lack of action with regards to data theft is down to too much complexity
- 37% believe a company will only do what is necessary for legal compliance
- 35% cannot afford the investment
Who is Responsible for a Data Breach?
- While 41% believe the CEO is ultimately responsible should a data breach take place, only 6% believe it should be the CSO
- 13% feel it should be the rest of the board (outside of the CEO & CSO)
- 29% believe it is the IT department
- 7% say it is the employee responsible for the breach
The survey was conducted by Redshift Research in May 2015 via an online survey amongst 100 Australian security professionals.
About Websense, Inc.
Websense, Inc. is a global leader in protecting organizations from the latest cyber attacks and data theft. Websense TRITON comprehensive security solutions unify web security, email security, mobile security and data loss prevention (DLP) at the lowest total cost of ownership. More than 11,000 enterprises rely on Websense TRITON security intelligence to stop advanced persistent threats, targeted attacks and evolving malware. Websense prevents data breaches, intellectual property theft and enforces security compliance and best practices. A global network of channel partners distributes scalable, unified appliance- and cloud-based Websense TRITON solutions.
Websense TRITON stops more threats; visit www.websense.com/proveit to see proof. To access the latest Websense security insights and connect through social media, please visit www.websense.com/smc. For more information, visit www.websense.com and www.websense.com/triton.