When IT Security Goes Awry, Whose Head Will Roll?

Cue The Announcer:

And now it's time to plaaaaaay ... "Whose Head Will Roll?" an imaginary new game show brought to you by Symantec, which ran an impromptu survey of attendees at VMworld 2012 in San Francisco. Contestants were given a quick scenario involving good things gone bad and asked to give their opinions on (you guessed it) "Whose Head Will Roll?"

While accountability for gaffes, mistakes, hurricanes and intermittent squalls can vary from one organization to the next, "contestants" were asked to give their opinion of who was ultimately responsible for each problem.

So get your index finger ready to point away from yourself! It's time to play, "Whose Head Will Roll?" where the format may be in good fun, but the questions and percentages are real, based on Symantec's research.

You Can't Hear Me Now!

A lost mobile phone goes unreported by an employee, but it has virtual server passwords on it. Company servers are then compromised. Whose head will roll?

Will A Shot Of Penicillin Fix This?

A malware infection brings 30 virtual servers down, impeding productivity across several divisions of a major financial institution. Whose head will roll?

I'll Just Put It On Your Tab

If credit card data was automatically added to a virtual system that wasn’t configured for PCI compliance and the company was fined $500,000, whose head would roll?

Bonus? What Bonus?

If a virtual server failure left the vice president of sales unable to submit a contract at quarter-end, causing the company to miss their sales target by $5M, whose head would roll?

The Rest Of You Can Take The Day Off

If an application failed and had to be recovered manually, taking a day to recover the application and causing a missed Recovery Time Objective (RTO), whose head would roll?

And You Thought Angry Birds Were A Problem?

If a virtual backup failure resulted in an angry CEO missing key M&A docs, whose head would roll?

Seven Years Of Bad Luck ...

If data was left on a virtual server for seven years instead of being purged, as per data retention policies, and the company was left open to lawsuit, whose head would roll?

What's A Couple Million Here And There?

If virtual account sprawl were not properly managed, causing an additional $2M in hardware purchases, whose head would roll?

Oh, Were We Supposed To Use Those?

If virtual servers were not properly put behind a firewall, causing sensitive corporate information to be accessed and exposed, whose head would roll?

Just One More Thing To Put On Your Tab ...

If a malicious insider gained access to credit card data on a virtual machine, whose head would roll?