5 Replies to this discussion

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members reply.
  • Ben Rubenstein
    Maybe they need to get hit in the wallet? It's become clear that companies won't learn until it happens to them (and even then, many don't fix their issues). A financial incentive could be what makes the difference. 
    11,160 pointsBadges:
  • Michael Tidmarsh
    I agree with Ben, It seems to me that companies are only taking action when the breach happens to them. Hopefully they realize that's not the right course of action.
    49,075 pointsBadges:
  • chrisbunn
    Whilst IT managers and CIOs are still providing the expertise, security can no longer be their responsibility alone. When the security of systems and data are fundamental to the business, they become fundamental to all those in senior management. Perhaps the Target episode will act as a milestone in regards to how organisations should be viewing data security as a business priority. It sends a message to other top level executives; Do you know how secure your business’ systems and data are? How educated are your employees on security issues? How educated are you?
    110 pointsBadges:
  • Kevin Beaver
    Great question!

    I think Winston Churchill said it best: “Want of foresight,
    unwillingness to act when action would be simple and effective, lack of
    clear thinking, confusion of counsel until the emergency comes…these are
    the features which constitute the endless repetition of history.”

    This is such a complex study in human behavior. Just look at the research that comes out each year from Verizon, Trustwave, etc. They each underscore the same fundamental problem - it’s related to the definition of insanity that we’re all familiar with. We keep doing the things that don’t work and expect things to change.

    I think much of it has to do with the assumption that IT is "taking care
    of things" and that "we're compliant therefore we're secure". The reality is if we keep going down this path doing the things we’ve been doing, we’re going to keep getting the results we’ve been getting…No big complaints from me though...Sure, it can be frustrating as a consumer, but it's certainly great job security for all of us involved in the fields of IT and information security!
    21,600 pointsBadges:
  • Ben Rubenstein
    Yes, inertia is a powerful force. It takes a lot more work to change processes and priorities than some companies - especially those with stretched resources - are willing to do.
    11,160 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: