Sixty-three
percent of U.S. organizations responding to CompTIA’s 8th Annual Global
Security Trends Study say that they have experienced at least one security
incident or breach during the past year. Among those who had a security
incident, 45 percent classified the situation as serious – meaning there was a
financial threat, potential damage to the organization’s reputation or other
serious issue.
More
than 250 information technology and business executives directly involved in
setting or executing information security policies and processes within their
own organization responded to the U.S. portion of the web-based survey in July
2010.
Final
results of the study will be released next week. I am reaching out to you to
see if you would be interested in receiving the full report prior to the
release, and in speaking with CompTIA VP of Research Tim Herbert, so that you
can write a story in conjunction with the release of the data.
Some
of the other key findings from the report:
- 55 percent of organizations have a
written cybersecurity policy
- Human error is the perceived cause
for 59 percent of security incidents; 41 percent are perceived as technology
errors
o The element of human error that most
contributes to security breaches: Failure of end users to comply with security
policies – 49 percent
- 49 percent of those surveyed rate
security as an upper level IT priority, compared to 35 percent in 2008
- About one-third of organizations
require end-user security training, which is more prevalent among organizations
with larger staff sizes, higher revenues and formal security policies
The
results from CompTIA’s 8th Annual Global Security Trends study are set to be
released November 18.