http://csoonline.com/article/478780/Are_You_Addicted_to_Information_Insecurity_ By Ben Rothke CSO February 02, 2009 A recent study has a finding that defies reason: close to half of 154 smokers who had surgery to remove early stage lung cancer picked up a cigarette again within 12 months of their operation, and more than one-third were smoking at the one year mark. In fact, 60% of patients who started smoking again did so within two months of surgery. The study, led by researchers at Washington University School of Medicine and published in Cancer Epidemiology, Biomarkers & Prevention confirmed that addictive behaviors are not easily changed. The study's lead author, Mark Walker, Ph.D., a clinical psychologist and Assistant Professor of Medicine at Washington University, summed it up best when he noted, "Patients are all addicted, so you cannot assume they will easily change their behavior simply because they have dodged this particular bullet." He concludes that their choices are driven by insidious addictive cravings for nicotine. In the world of IT, far too many organizations are addicted not to something as tangible as a cigarette, but instead to insecurity. While smokers' actions are driven by cravings for nicotine despite the health hazards, information technology's actions are driven by users' desire for easy access to data, usability, and quick deployment, with a disregard for confidentiality, integrity and availability of that data. These organizations typically know the risk of giving short shrift to security (many have even been bitten by data breaches and malware outbreaks), yet continue with their insecure ways despite clear evidence of its hazards. While we are decades into the IT revolution, too many companies are still not following computer security fundamentals. While each passing year brings greater and fancier security and privacy tools and technologies, not much has changed about how many organizations approach information security. In fact, Forbes noted that during 2008, banks have lost more of their customers' personal data than ever before. Based on this trend, and in light of deteriorating economic conditions, by the time the 2009 security year-in-review articles are written, there is every likelihood that this year will be the worst year on record for information security and privacy. Getting your organization to change its addiction to insecurity won't be easy. It is thought that addictive activities produce beta-endorphins in the brain, which gives the person a feeling of being high. Yet the highs of insecurity can include legal issues, regulatory penalties, negative PR, and much more. In order for enterprises to make those changes to a secure environment, they need to start by executing in the following areas. [...] _______________________________________________ Best Selling Security Books & More! http://www.shopinfosecnews.org/Received on Tue Feb 03 2009 - 22:07:06 PST
This archive was generated by hypermail 2.2.0 : Tue Feb 03 2009 - 22:10:39 PST