As if they needed more stress, organizations are facing evolving and increasingly stringent compliance regulations from the Payment Card Industry, as well as Sarbanes-Oxley, HIPAA and others. Here are a few security compliance products that can make the audit process less excruciating.
Here are 10 of the distributor's hottest new offerings winning over solution providers.
New smartphones from Sony, Motorola and the first-ever Twitter-only mobile device -- the TwitterPeek -- headline a busy week for handset makers as the holiday shopping season heats up.
Data Loss Prevention Trends To Watch In 2008
6:53 PM EST Wed. Jan. 02, 2008
Page 1 of 3
Experts say this is just the tip of the iceberg. Since January 2005, the Privacy Rights Clearinghouse has identified more than 215 million records belonging to U.S. residents that have been compromised due to a security breach.
The costs of these and other breaches have weighed heavily on the organizations that are impacted. A recent study conducted by the Ponemon Institute determined that the total average costs for lost or exposed data grew to $197 per compromised record, representing an increase of 8 percent since 2006 and 43 percent since 2005. Currently, the average total cost for companies is more than $6.3 million per breach, which accounts for increased legal and public relations costs as well as lost business. And experts warn that the amount of lost revenue a company experiences in the wake of a data breach will only continue to grow.
"You lose 10 million records, it gets really expensive, really quick," said John Dasher, director of product management at PGP, a data protection company. "That's really staggering if you think about it."
To say the least, businesses are still reeling from the effects. "There's no question that all of these breaches are driving people to rethink their priorities in terms of security," said Ted Julian, vice president of marketing and security for Application Security. "People are saying 'let's step back and realize our data is under siege, what's of value that we need to protect and where is it?'"
As a result, security experts say we can expect to see significant changes within companies in regards to how they protect data and deal with its loss in 2008. With increased awareness, and a strong desire to keep their names out of the papers, many companies will be ramping up security technology, and investing in employee education and comprehensive protocol.
Yet, as businesses become savvy to data threats, attackers will continually find more sophisticated methods of attack. Security experts ascertain that databases will become prime targets, and that the Storm Worm will evolve yet again. Meanwhile, some of the biggest threats to data will come from inside the affected companies and often be unintentional.
"One of the things that makes data leak prevention so significant is that it's so hard to do. There's always a way around any defense you can think of," said Richard Stiennon, chief marketing officer for Fortinet. "It's a problem without an ultimate solution."
Data In The Spotlight
Even with increased awareness and more sophisticated security measures, experts say we can expect to see more data breaches grace the headlines in the upcoming year -- primarily because more companies and organizations will be required to publicly disclose them when they occur.
"Part of what we're seeing is the effect of disclosure laws," said John Thielens, vice president of technology for Tumbleweed. "The problems are being made visible. It's just now we know about it."
So far, 35 states provide regulations that require that companies or agencies to notify affected individuals, such as customers, employees, citizens, students and alumni, when their confidential or personal information has been lost, stolen or otherwise compromised. That number will likely grow to include all 50 states within the next few years, security professionals say.
"It's not that there are going to be more (breaches), they're just going to be publicized," said Faizel Lakhani, vice president of product marketing for Reconnex. "I think there're a lot of breaches today but they're not disclosed because they're not required to be disclosed."
In addition to personally identifying data, experts also anticipate that organizations will be required to disclose breaches of digital assets that make up shareholder value.
"There's all kinds of studies that show that customers don't want to do business with companies that have experienced a breach," said David Vergara, director of product marketing of data security for CheckPoint. "It's going to get painful if you're not able to control and protect that sensitive information."
As companies implement more policies and deploy comprehensive security technologies, other database vulnerabilities will be exposed with the increased scrutiny. "They change some policies, and 'oh my gosh,' those tools and policies and processes are shining a light on other breaches that would have gone unrecognized," said Dasher. "Connecting those dots can be difficult if they surface at all."
Next: Databases Will Be Targeted
