Businesses are still failing on the basic requirements for information security such as visibility of their data assets, says security firm Websense.
This first-hand experience with UK organisations is supported by recent global research by the Ponemon Institute commissioned by Websense.More than a third of information security professionals who said their organisations had been hit by a security breach admitted they had no idea what data had been stolen, the study showed.
“This means in many organisations even basic security functions are being missed,” said Neil Thacker, information security and strategy officer for Europe at Websense.
“The coming European data protection legislation will require mandatory breach notification, but that will be a challenge for organisations that lack visibility of their data assets,” he told Computer Weekly.
Proper visibility of data assets will be essential when organisations are called upon to report data breaches and assess their impact.Thacker said these organisations are running out of time to ensure they know what is going on in their IT infrastructure and they have a fast and efficient way of assessing the impact of data breaches.
“All businesses in Europe should ensure they have established data discovery and classification processes in place by the time the new legislation is enacted,” he said.
Another priority should be assigning ownership and responsibility for all data assets to business leaders in information security by making them accountable for specific data sets.
“Discovery, classification and accountability are the basic requirements for information security, and yet they are still being missed,” said Thacker.
In addition to meeting regulatory requirements, he believes greater visibility is important to building better, more collaborative relationships between IT security teams and business leaders.
This article has been extracted from http://www.computerweekly.com/, please click on this link to read the article in full http://www.computerweekly.com/news/2240231328/Firms-failing-on-security-basics-says-Websense
Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.