Posted by: Pabrai
According to the FBI, cybercrime is now more widespread than narcotics. The targets of cybercrime are a lot more focused than ever before. The average organization’s information infrastructure is attacked nearly 60,000 times every day. Let me repeat that attacks on business computing infrastructure are now close to 60,000 times each day.
The volume of created content is expected to quintuple in the next two years – to more than 2.5 zettabytes. Seventy of the content created is done by individuals with no responsibility to secure it. However, most of the content produced – 85% – is in environments and organizations with responsibility to secure this information.
There have been over 354 million reported data privacy breaches over the past five years in the USA alone.
California recently fined five hospitals $675,000 in penalties for failing to prevent unauthorized access to patient medical information. The healthcare industry is a growing target of threats.
Today, just about all industries must meet federal and state mandates for information privacy and security. FISMA impacts federal government agencies, HIPAA and HITECH are critical requirements for the healthcare industry and those that process or manage cardholder data must meet PCI DSS requirements. These regulations establish the minimal (floor and not the ceiling) capabilities that organizations must establish to secure sensitive information.
As I often share with my clients, our approach for information security in 2010 and beyond must result in capabilities to “bake in” security mechanisms and ensure that controls are not “bolted on”.
How prepared is your organization in preventing the compromise of sensitive client and customer information as well as protecting vital assets from these sustained attacks?