11.20.2015Enterprise Tech

Enterprise Technology Spotlight: Data breaches, risk management, liability and cloud is the norm in the enterprise

Security headlines this weeks’ Enterprise Spotlight. Enterprises must complete their due diligence regarding their vendors’ security protocols because security is only as good as a company’s partners. Moreover, security is a topic for every industry. Ninety percent of industries have experienced a personal health information data breach, according to a recent Verizon study -- the utilities and management industries have been spared. The good news (if you can call it that) may be that only a small number of breaches generate media attention. Most breaches involve fewer than 1,000 records and only 20 percent of those get widely reported. Shifting gears a bit…News flash: cloud is everywhere in the enterprise. Although industry analysts report that only two or three percent of companies are using public cloud infrastructure , cloud use is much greater than that in the enterprise thanks to things like shadow IT projects and private cloud. Nearly every enterprise is using cloud for some part of their business, even if the numbers don’t reflect that. Read more about these topics below:

The challenges of third-party risk management

Reviewing and validating the security compliance measures of your vendors is just as important as doing it for your own company. It might even be appropriate to consider why certain services are being outsourced in the first place. Even if a company has taken all security precautions internally, if they don’t require (and check) the same level of security from their vendors and partners they are leaving themselves open to costly data breaches. (NetworkWorld)

Security breaches of fewer than 1,000 records rarely incur fines

The SANS Institute recently examined the factors that impact the expenses a company faces after suffering a security breach. Their survey found that in 94 percent of cases where companies are exposed to breaches of fewer than 1,000 records, the companies do not have to deal with fines or other penalties. More interesting, these breaches were found to be the most common but only 20 percent receive media attention. (ChannelPartners)

PHI data breaches commonplace across majority of industries

An analysis from Verizon Enterprise Solutions finds that 90 percent of studied industries have experienced a PHI data breach outside of traditional healthcare settings. Of the 20 sectors that Verizon evaluated, only two—the utilities and management industries—had no reported PHI breaches. (Information Management)

Stats are wrong: public cloud is already the norm

Although analysts report that only two or three percent of companies are using public cloud, the fact is cloud use within the enterprise is ubiquitous. Whether it’s IT gradually moving enterprise-grade workloads into a private cloud or a business unit using a public SaaS application for a specific project, cloud is now the norm. This is one instance where the analysts’ stats are wrong. (InfoWorld)