Follow on Google News News By Tag * Survey * Database * Security * Compliance * Risk * Threats * Breach * Data * Enterprise * Esg * More Tags... Industry News News By Place Country(s) Industry News
Follow on Google News | Sensitive Data Protection at Crisis Level in Protecting Enterprise According to Application SecurityOrganizations Suffering from Failed Database Audits and a Lack of Clear Controls for Database Protection; Study Reveals Misplaced Spending Priorities for Data Security
By: Tom Bain This study reveals that 60% of organizations don’t feel their existing database controls adequately protect their organization’ The survey reveals that despite the fact that over two-thirds of organizations are spending moderate to significant amounts of time writing custom scripts, remediating compliance issues, and engaging in associated tasks, 38% of organizations still failed database security audits. The study further reveals the troubling statistic that less than 4% of IT budgets are spent protecting the data where it lives – in the database. “We’re at war with the cyber criminals and clearly we are not winning,” said John Ottman, president and CEO, Application Security, Inc. “2009 saw a sevenfold increase in records breached, and our research is an acknowledgement by enterprise IT security executives that we are in the midst of a crisis.” “This year’s data reflects increased risk to the enterprise database, and a clear lack of understanding of what it takes to protect confidential information,” Additional key findings: • Only 37% of organizations feel they meet compliance standards relative to protecting their company’s information. • Respondents cited that failed audits are largely based on a lack of an effective access control policy, reporting/audit process issues and multiple technology issues. • Internal audits and Sarbanes-Oxley audits top the list of the types of security audits organizations are failing in 2009. The 2008 survey demonstrated that respondents reported higher failures rates for PCI, HIPAA, GLBA and FISMA audits. • Over half of enterprises surveyed cite budget constraints as an issue impacting ability to protect their database systems – an indication that the economy is still playing a role in this growing problem. • The two leading root causes of data breaches cited were human error (53%) and external attacks (34%). Survey webinar and report information Application Security, Inc. will be hosting a webinar to discuss the research findings. Jon Oltsik, senior security analyst with Enterprise Strategy Group, and Thom VanHorn, vice president, global marketing, Application Security, Inc. will be the presenters. Title: Enterprise Database Security Controls: Unmasking Today's False Sense of Security and Compliance Date: Time: 2:00 PM - 3:00 PM EST Register: https://www1.gotomeeting.com/ To download a copy of the comprehensive “Database Security and Compliance Risks” report executive summary and Application Security, Inc. Solutions Brief, please visit www.appsecinc.com. # # # About Application Security, Inc. Application Security, Inc. is the leading provider of agentless database security, risk and compliance (SRC) solutions for the enterprise. Application Security, Inc.’s agentless approach - AppDetectivePro for auditors and IT advisors, and DbProtect for the enterprise - delivers the industry’s most scalable database SRC solution and is in use around the world in the most demanding environments by over 2,000 customers. The company was named to Inc. Magazine’s 2007 (Inc. 500) and 2008 list of America’s Fastest Growing Private Companies, and was also named to the 2008 Deloitte Technology Fast 50 by Deloitte & Touche. For more information, please visit www.appsecinc.com. DbProtect is a trademark of Application Security, Inc. All other product names, service marks, and trademarks mentioned herein are trademarks of their respective owners. End
|
| |||||||||||||||||||||||||||||||||||||||||||||
