BreachExchange mailing list archives
CISOs obsess over malware outbreaks, data breaches
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 28 Jul 2014 18:49:51 -0600
http://www.fiercecio.com/story/cisos-obsess-over-malware-outbreaks-data-breaches/2014-07-28 Worries over malware outbreaks and data breaches continue to keep CISOs up at night, which isn't surprising considering that most organizations report they can't find an acceptable security solution. That is one of the findings of new research from Wisegate and Scale Ventures Partners, which polled CISOs on the most pressing issues they face today. Among the key findings of the research were that malware and data breach fears now consume one-third of their attention. But despite that focus, "half of participants admitted they didn't have good ways to measure the status of these risks of how effective their programs were at addressing them," the study found. Compounding the problem is the fact that many organizations are forced to develop their own first line of defense against cyber threats, since they cannot find suitable tools in the marketplace. "Three-quarters of participants' teams needed to build a custom solution or integration to address their top risk because there are no acceptable commercially available alternatives," noted Bill Burns, executive-in-residence at Scale Venture Partners, in an email to FierceCIO. Five risks capture 51 percent of CISO's top concerns, Burns reveals, and two in particular--malware outbreaks and sensitive data breaches--are front and center on their radar. According to the study, the other three top concerns are malicious outsider threats, malicious insider threats and advanced persistent threats. In response, "security teams are consolidating and automating their controls to stay secure," Burns says. This includes: - "Three-quarters needed to build a custom solution or integration to address their top risk. - 59 percent marked as a top-choice proactive threat/misuse detection or automated orchestration to streamline their incident response processes. - 31 percent are prioritizing security controls for DevOps environments." "Finally, several participants remarked that they're concerned about managing an ever-expanding set of security point solutions," Burns said. "Even if security teams could easily find qualified staff to run new controls, they get better efficiencies driving security initiatives via automation and APIs."
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- CISOs obsess over malware outbreaks, data breaches Audrey McNeil (Jul 29)