• Interesting stats from Information Security Breaches Survey 2008

    08 Jul 2008

    First of all, for those of you reading this in the U.S., welcome back from the 4th of July holiday!

    I just came across some statistics in the U.K.-based Information Security Breaches Survey 2008 that provides some insight and clarity into why we still (and always will) have security breaches:

    • 98% of respondents scan for spyware…55% have a documented security policy.
    • 97% filter for spam…40% provide security awareness training.
    • Only 6% have suffered a confidentiality breach…as far as they know.
    • 52% do NOT carry out formal risk assessments…while 81% believe their board believes security a high or very high priority. Ha!
    • 78% had computers stolen that didn’t have encrypted drives. I still don’t get this one!!
    • 84% do not scan outgoing email for confidential data…this is where (and why) the bad guys focus their efforts.

    Oh, and 84% are heavily dependent on their IT systems…The other 16% just don’t realize their dependence. Yet.