Monday, May 16, 2011

Encryption: Neither improves security postures nor decreases risk?

Outsourcers blamed for most data breaches in Australia

Australian IT managers have shunned platform-based encryption technology, claiming that it neither improves security postures nor decreases risk, according to a Ponemon Institute survey

The survey on encryption trends was funded by Symantec. It polled 477 Australian IT professionals with an average of nine years IT security experience who worked in roles that “directly implemented encryption technologies”.

Eighty-eight percent had “declining impressions” of the ability of platform-based encryption to improve the “effectiveness and efficiency” of IT security.

But most of the 21 percent who used platform-based encryption said it improved security.

Of those using the technology, most said it reduced operational costs and redundant administrative tasks, and provided consistent policy enforcement across applications.

About a quarter of respondents to the survey said their business had more than five data breach incidents in 2010, slightly more than those who reported none.

Ninety percent reported that loss or theft of sensitive information was likely, ahead of probable unauthorised access to virtualised systems, and network malware infections.

A separate study run and funded by the same organisations blamed outsourcers for most data breaches in Australia.

It found the average cost of data breaches totalled an average of $2 million, a figure unchanged over the last 12 months.

The study polled 19 Australian companies that lost between 3,200 to 65,000 records last year.

Each lost record cost an average of $128, and total repatriation costs tipped $4.2 million - up 5 percent since 2009.

The Ponemon Institute’s first data breach study ran in the US in 2005.

No comments: