Simplistic Security Could Cause Corporate Collapse in 2008, Warns Secerno
Database security expert argues intelligent behaviour analysis will be key
2007 has been regularly punctuated with data breaches, and as a result public awareness of data protection has risen to an all-time high of 85% (1). The Information Commissioner's annual report also highlighted the ICO received almost 24,000 enquiries and complaints concerning personal information over the 2006/7 period, prosecuting 16 individuals and organisations just over 12 months (2).
Steve Hurn, CEO, Secerno comments, "The memory of the damage caused by 2007's numerous security breaches will not fade quickly. Breaches such as the HMRC's loss of two discs affected 25 million people, whilst Leeds Building society recently lost sensitive data relating to workers payslips and just last week, the DVLA compromised 6,000 drivers after losing their sensitive information. Consumers and credit card companies will no longer tolerate what have now become exceedingly routine data loss incidences."
Secerno's annual report: "The State of Data Security 2007/8" predicts this will drive security attention from the network towards the applications, and particularly data sources. The result will be the emergence of an increased number of intelligent behavioural analysis solutions that can understand the context of requested data transfers and data flows, both into and out of organisations.
"While the business drivers of cost and centralisation make sense, the security issues pertaining to authorised access and authentication to prevent abuse of access rights to a single, large source of sensitive data are tremendous. 2008 will finally see the acceptance of monitoring and auditing procedures in an attempt to achieve control over data access through the adoption of more intelligent blocking approaches to protect enterprise scale environments," adds Hurn.
During 2007, legal compliance has also been a key driver for security spending globally. However, as complexity of compliance increases due to political pressure and government legislation, IT security purchasers will demand reporting procedures to be integrated into their existing technology platforms. Hurn believes, "This will force point solutions providers to deliver added value and security beyond audit and reporting. Those without the required assets will fade away."
Hurn concludes, "Security will increasingly become an issue of tracking and proactively securing data in its many forms, rather than seeking footprints of intruders on the network. Approaches that follow the data across the enterprise and model the behaviour of those using it will start to make headway.
"Traditional security approaches will buckle under the strain of new threats and increasing numbers of authorised users. Firewalls in complex environments can run into tens of thousands of rules. The hope that any human can understand and manage the complete picture is rather fanciful."
(1) Compliance and privacy.com
(2) ICO Annual Report 2006/7
Award-winning Secerno provides the world's most advanced, comprehensive and intelligent database security solution.Deploying a micro perimeter approach, Secerno.SQL sits right next to an organisation's data asset to protect data at the highest level. Its unique machine-learning technology understands the true intent of database interactions and protects an organisation's data from both known and unknown threats to data, whether they originate from external or internal sources.Located in Oxford, UK, Secerno enables the continuous improvement of data security by allowing companies to understand, control and protect their data assets. It empowers organisations to derive the most value from their information and to enable data security without the costs associated with traditional solutions.Secerno offers protection to customers across an array of industries including financial services, healthcare and pharmaceuticals, retail and government agencies and departments. Secerno is funded by UK investors, including Eden Ventures and SPARK Ventures, who have a successful track record for backing winning innovators and entrepreneurs. For more information go to http://www.secerno.com
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Was ist eine PKI (Public-Key-Infrastruktur)?
Bei einer Public-Key-Infrastruktur (PKI) handelt es sich um eine Sicherheitsinfrastruktur, die Services für den sicheren Austausch von Daten zwischen Kommunikationspartnern bereitstellt. Mit Hilfe der PKI lassen sich Zertifikate und die Zugehörigkeit von öffentlichen Schlüsseln prüfen.Weiterlesen