I recently sent some employees to an (ISC)² seminar to get an industry-recommended security certificate. The seminar is aimed at providing education on the newest and hottest cyber threats.
With all the news of mega breaches out there, including one I just wrote about in this blog, it would seem as if an information-packed seminar such as this one would be packed with IT people, right? Actually, it was. But with public sector IT people. Private sector attendees were few and far between.
What’s going on here? This little piece of news could be a telltale:
According to a new report by the Identity Theft Resource Center, the percentage of breaches occurring in the government sector has been dropping steadily over the past three years. The percentage of breaches occurring in the private sector, meanwhile, has skyrocketed 69 percent from the same six-month period last year. Mix that news with the fact that the private sector is substantially less prone to reporting breaches than the public sector and the situation gets even worse.
As the report indicates, the government sector – for a change – is outperforming the private sector. The report says during the first half of this year, breaches in the government accounted for only 17 percent of all reported breaches, a 13 percentage point decrease from 2006.
Leading the seminar was Bill Lipiczky, a senior architect with IT consultancy Managed By Design. He acknowledges the lopsided attendance record, estimating that the private sector accounted for only 20 percent of the class. He says companies often do not have as full a grasp on cyber threats as they should.
“They don’t have a good handle on the risk,” Lipiczky says. “I kind of liken it to life insurance.”
Life insurance. Kind of like not really thinking about bad things until something bad happens.
To be fair, Lipiczky points out that the government’s emphasis may be because it has more pressing things to worry about than simply identity theft. Like national security, for one. Stuff like foreign governments trying to hack into our critical systems. But something clearly has to be done here. The number of breaches cannot continue spiraling out of control without Congress getting involved more than it already is. Do we really want that?
So, I have a challenge. Let’s start attending more professional development courses like the one offered by Lipiczky. Let’s start being more proactive about preventing breaches. And let’s show that we can do the right thing without being legislated to do so.
‘Til Next Time,
Joan,
The eSecurityDiva
