How common are successful security
breaches?
According to the 2001 CSI/FBI Computer Crime and Security
Survey, 91% of survey respondents reported that they experienced
security breaches within the past year. Only 186 respondents
(primarily large corporations and government agencies) were
willing or able to quantify the resulting financial impact,
but those organizations reported losses of $377,828,700. This
is despite wide deployment of security technologies: 98% of
respondents employ anti-virus software, 95% have firewalls,
64% use file encryption, and 61% have intrusion detection systems.
The message is clear: To safeguard your organizations
vital resources you must assume that a security event will occur
and plan accordingly.
How will you minimize disruptions to business continuity and
impacts on your customers? How will you prevent loss or release
of critical data stores? How will you handle incident recovery?
Are you prepared to quickly launch a forensics investigation,
before evidence of the security event is destroyed?
Having detailed, workable plans for responding to these kinds
of events will minimize the losses your company incurs. Planning
for the worst isnt cynicism
its insurance. |