Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Many databases remain unmonitored for suspicious activity.

Application Security : 05 June, 2007  (Technical Article)
Survey shows that the risk of misuse of data through database penetration remains high with nearly half of responding companies having no checks against suspicious database activity.
Application Security has announced the results of a Ponemon Institute survey that underscores the serious challenges large organisations face in securing sensitive data. With more than 150 million data records exposed in just the past two years, the survey also highlights an organisational disconnect between the realisation of the threat and the urgency in addressing it.

Conducted by one of the world's foremost authorities on data security and privacy, the Ponemon Institute surveyed 649 respondents in corporate information technology (IT) departments worldwide. Respondents averaged more than 7 years of experience in the information security field; more than 60 percent work within corporate CIO or CTO departments.

In what's an increasingly precarious balancing act, organisations are wrestling with how to protect data from misuse by external and internal forces, while expanding access to the same data to drive business initiatives. Highlighting these challenges, the Ponemon Institute/AppSecInc survey reveals that:

• Forty percent said their organisations don't monitor their databases for suspicious activity, or don't know if such monitoring occurs. Notably, more than half of these organizations have 500 or more databases - and the number of databases is growing.

• "Trusted" insiders' ability to compromise critical data was cited as the most serious concern - with 57 percent perceiving inadequate protection against malicious insiders and 55 percent for "data loss" by internal entities.

• Seventy-eight percent believe that databases are either critical or important to their business. Customer data represents the most common data type contained within these databases.

• Customer/consumer and employee data ranks 3rd and 4th respectively in regard to organizations' prioritization of what must be protected.

"Data can be monetized quickly and the bad guys know it," said Larry Ponemon, chairman and founder of the Ponemon Institute. "Organizations that fail to protect their data effectively are proving easy targets - often left to contend with considerable damage to their reputations and financial results."

"Unless organizations directly protect their databases, everything else they're doing for data security is on shaky ground," said Toby Weiss, president and CEO of AppSec. "As States and the Federal government grapple with how to compel organizations to protect consumer privacy, leading organizations are looking inward to protect data where it lives. Responsible organizations are increasingly seeking to enhance security, mitigate risk and address key compliance concerns as part of a comprehensive approach to addressing data governance within their existing IT infrastructure."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo