Friday, November 19, 2010

Who is minding your Data Stores?

I recently received the “Benchmark Study on Patient Privacy and Data Security” by the Ponemon Institute, which was released on November 10, 2010. One thing that always screams out to me from these reports is how few data breaches are detected by the organization that was breached. According to this study, less than half (47%) were detected by a hospital employee, and in a significant number of cases (41%) it was the patients themselves who noticed the breach.

When you look at statistics from Gartner and other industry analysts, much of the security spending is going to preventative controls, and a much smaller percentage is going to monitoring solutions and detective controls. Do we as security professionals have that backwards?

In spite of significant investments in firewalls and anti-virus tools - generally the two largest categories overall - organizations continue to get breached and data continues to leave the castle. Are you focused enough on detecting when unusual activities are taking place in your company and spotting potential breaches?