News Release

Social Media Release: Data Leakage Worldwide Part 2 -- Cisco Research Assesses Effectiveness of Security Policies

Date/Time Stamp: November 3, 2008, 5:00 a.m. PDT Part 2:
cisco_building_corporate_002-jpg-1889882-1-0
Nov 03, 2008

Date/Time Stamp:

November 3, 2008, 5:00 a.m. PDT

Part 2: Highlights / Key Facts: November 3, 2008

  • Cisco releases second set of behavioral research findings on data leakage that features perceptions and behavior of 2,000 employees and IT professionals in 10 countries: the United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil.

  • Key Findings: The Effectiveness of Corporate Security Policies

    • One in four companies do not have data protection or security policies.

    • Policy awareness gap between employees and IT: Between 20-30 percent more IT respondents are aware of security policies than employees.

    • Communication disconnect: IT oftentimes communicates policies in an indirect, non-verbal manner, such as email, voicemail, paperwork, etc. Lack of direct, verbal engagement a big reason for gap in IT-employee security policy awareness.

    • Top reason why employees defy corporate security policy: Lack of alignment between policies and reality of doing their jobs.

    • One of five IT professionals said data leakage incidents involved the loss of customer data.

  • Cisco Chief Security Officer John N. Stewart and other executives from the company describe research findings, provide recommendations for establishing and communicating security policies to employees and explain how to protect businesses if policies are broken. http://tools.cisco.com/cmn/jsp/index.jsp?id=80358

Part 1: Highlights / Key Facts: October 21, 2008

  • Cisco releases behavioral research revealing the most common data leakage risks and mistakes employees make in businesses of all sizes, in various industries around the world. (www.cisco.com/go/dlp)

  • The research features perceptions and behavior of 2,000 employees and IT professionals in 10 countries: the United States, the United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil.

  • Key Findings: Many employees admit a number of risky behaviors, such as:

    • Altering security settings to bypass corporate security policies and access unauthorized sites

    • Accessing unauthorized areas of networks and facilities

    • Sharing sensitive corporate data with non-employees

    • Sharing corporate devices with non-employees

    • Losing portable storage devices

    • Allowing others to "tailgate" behind them into corporate facilities

    • Leaving devices with passwords to personal financial accounts and corporate systems unattended and unlocked

  • Cisco Chief Security Officer John N. Stewart and other executives from the company provide insight into their experiences and approaches to preventing data loss as guidance for businesses and their IT organizations: http://tools.cisco.com/cmn/jsp/index.jsp?id=79228

Tags / Keywords:

Security, Cisco security, network security, data loss, data leakage, data loss prevention, data protection, IT security, employee behavior, IT perceptions, security policy, IT policy, corporate policy, policy

Links / URLs:

Quotes:

  • John N. Stewart, Chief Security Officer, Cisco

    • "Businesses are enabling employees to become increasingly collaborative and mobile. Without modern-day security technologies, policies, awareness and education, information is more vulnerable. Today, data is in transit, in use, within programs, stored on devices, and in places beyond the traditional business environment, such as at home, on the road, in cafes, on airplanes and trains. This trend is here to stay. To protect your data effectively, we need to start understanding the risk characteristics of business and then base technology, policy, and awareness and education plans on those factors."

Embedded Videos:

Related Content

Error
No related articles found.
No related articles found (current page has no tags).