With increasing data volume in enterprises, data protection has become a key issue for CISOs (responsible for security of information systems), especially for a good organization of the company. In addition, as the amount of data stored and processed at the corporate level increases, the risk of data breaches increases. So when this happens (data breach), who should blame it? Some of the RSSIs attribute this to employees, but the report recently released by Tanium suggests that this error may also come back to CISO companies.
According to a report released late last month by independent research firm Opinion Matters, about 61% of the CISO surveyed accused employees of being, in most cases, the source of business data. These CISOs believe employees accidentally discover their business information. The study has shown that there is a gap between IT managers and employees as regards each group looking at sensitive data. In a research firm's analysis, this flaw relates to the rapid growth of unstructured data and duplication of resources employees use to divide them may have a negative impact on the company's security policy.
Researching the report, the results show that 95% of IT managers know that internal threats are worrying about their organization. It also states that 79% of them think that employees have accidentally entered sensitive company data over the past 12 months. It just seems that employees do not see this thing in the same way as their managers. They do not seem to be aware of the situation at all. The results show a significant mismatch between the IT manager and employees' perspectives regarding data breaches by employees. However, employees who recognized accidental data sharing almost half (48%) said they were random, 30% had a very stressful work environment, and 29% said it was because they were tired.
That said, the Tanium report, the private security systems and the ultimate enterprise management systems headquartered in Emeryville, Calif., Appear to be the culprit of CISOs or CIOs (Information Systems Director). Lack of visibility and control over end-to-end computers (laptops, servers, virtual machines, containers, or cloud infrastructure) not only prevents IT managers and security administrators from making decisions with confidence, it also leaves the companies open to disruption, concluded Tanium. This lack of terminal visibility also prevents businesses from operating effectively and remain resistant to disturbances.
To accurately understand how companies deal with technological disorders, Tanium has commissioned a two-stage study. The first survey included more than 4,000 economic decision makers in the United States, the United Kingdom, Germany, France and Japan to understand the disruption resistance barriers. The second one analyzes computer security and operational compromises faced by more than 500 CIOs and CISOs to protect their activities from increasingly cyber threats and other disorders. According to Tanium, both stages of the research clearly show that a new approach is needed to ensure the visibility and control of information technology.
This report indicates that 94% of surveyed IT and CISOs acknowledge that they have made compromises to protect their business from cyber threats, failures, and other forms of disorder. For example, 81% of CIOs and CISOs have refrained from major security updates or patches, sometimes more than once, due to concerns about their impact on the company's business. It was also noted that 80% of them found that a critical update or patch they thought were deployed did not update all devices as expected. Others, however, do not recognize this state of affairs. Approximately 32% of respondents reported that ministers and managers of companies were working in silos, leaving them lack of visibility and control over IT operations.
Reading this report shows that CIOs and CISOs make compromises that are somewhat dangerous for corporate data security. It also shows another aspect of the violation of business data that other reports did not necessarily point out, which is the role of CISO and CIO. But is he still the main player in breaking information between employee and IT manager? Finally, in other places on the Internet, some fears from CIOs and CISOs are associated with updates that could damage business activity to backward compatibility issues that often represent a large part of the applications or software used in business.
What do you think about the results of this report?
Are you an RSSI or CIO, how do you manage data security in your business?
61% of CISOs say employees accidentally discovered business data according to the survey
Gartner: Security Expenditures Will Be Over $ 124 Billion in 2019 Due to Security Risks and Changes in Industry
Physical security keys, an effective anti-phishing attack solution? Yes, based on Google feedback
Drupal Security Team Announces End to Official Version 7 Support Open Source CMS for November 2021
Are the DevOps containers presenting risks to the security of your data? Yes, according to the study