IT Security Breaches: The Costs and the Cures Todd Thibodeaux
President and CEO CompTIA
Slide 2
Who We Are | What We Do E DUCATION C ERTIFICATIONS A DVOCACY P
HILANTHROPY
Slide 3
The Usual Opening Scary Security Headline: Oh the Humanity
Slide 4
Wait, How About Technology, Training, Teamwork Thwart Security
Breach
Slide 5
Setting the Stage: The Good and the Not so Good More
organizations rate security a high priority; although still often
viewed as an IT problem # of security breaches roughly constant;
severity level trending upwards + new threats and vulnerabilities
IT professionals rate human error a primary cause of many security
breaches Improvements to security landscape attributed to better
technology, policy and training Spending on security held up
relatively well in 2010
Slide 6
Forecast Prioritization of security relative to all strategic
IT initiatives Prioritization of InfoSec Trends Upwards
Slide 7
Changes to the Security Landscape Increasing ConcernsIncreasing
Areas of Improvement Rise of social networking52% Improved
technology to protect against threats 55% More reliance on
Internet-based applications 50%Improved IT staff expertise41%
Growing criminalization and organization of hackers 48%Improved
security policies36% Greater interconnectivity of devices46%
Improved ability of end-users to avoid security threats 33%
Sophistication of security threats exceeding staffs expertise 42%
Improved ability to enforce security policies 24% More access
points42% More exec. mgt. support of security 16%
Slide 8
Many Variables to Consider More Critical No Change Less
Critical
Slide 9
Economic Recession Affects Security Likelihood of new internal
security threat due to departing or disgruntled employees
Slide 10
Elements of Human Error that Contribute to Security
Breaches
Slide 11
Actions Taken After Security Breaches
Slide 12
Top Areas where Organizations want to Improve their Response to
Security Breaches
