- Jun 9, 2013
- 6,720
Just one-fifth (19%) of organizations have what they consider to be “excellent” visibility into their data and database assets.
According to Osterman Research’s database security industry report, about 39% of organizations surveyed also said that they lack the necessary tools to allow them to identify a database breach.
“This study reveals there’s a clear shift beginning to occur in information security away from total reliance on perimeter security toward a greater emphasis on database security,” said Michael Osterman, president of Osterman Research. “Identifying compromised database credentials and insider threats will likely receive far more investment in the future. And, the actual rate of successful infiltrations or other leakage events is likely greater than discussed in this report due to inadequate organizational systems for tracking successful threats.”
In addition to most survey respondents lacking visibility into their organizations’ data and databases, 59% of respondents lack a high degree of certainty about which applications, users and clients are accessing their databases. Yet almost half (47%) of those surveyed do not have an assigned team or even an individual to oversee the security of their databases.
When asked what database security issues are of most concern, compromised credentials was the top concern of half of the survey respondents. The next biggest concern was the potential for the organization to experience a major data breach (a clear follow-on concern about lost credentials), followed by the inability to identify data breaches until it’s too late. Only 21% of survey respondents indicated they can discover such a data breach almost immediately. Most could not, and 15% responded they have no idea how long it would take to discover a breach.
Full Article. Alarming Percentage of Orgs Can't ID a Data Breach
According to Osterman Research’s database security industry report, about 39% of organizations surveyed also said that they lack the necessary tools to allow them to identify a database breach.
“This study reveals there’s a clear shift beginning to occur in information security away from total reliance on perimeter security toward a greater emphasis on database security,” said Michael Osterman, president of Osterman Research. “Identifying compromised database credentials and insider threats will likely receive far more investment in the future. And, the actual rate of successful infiltrations or other leakage events is likely greater than discussed in this report due to inadequate organizational systems for tracking successful threats.”
In addition to most survey respondents lacking visibility into their organizations’ data and databases, 59% of respondents lack a high degree of certainty about which applications, users and clients are accessing their databases. Yet almost half (47%) of those surveyed do not have an assigned team or even an individual to oversee the security of their databases.
When asked what database security issues are of most concern, compromised credentials was the top concern of half of the survey respondents. The next biggest concern was the potential for the organization to experience a major data breach (a clear follow-on concern about lost credentials), followed by the inability to identify data breaches until it’s too late. Only 21% of survey respondents indicated they can discover such a data breach almost immediately. Most could not, and 15% responded they have no idea how long it would take to discover a breach.
Full Article. Alarming Percentage of Orgs Can't ID a Data Breach
