As we research interesting stories to publish on the blog, we find an overwhelming amount of stories of data breaches where organizations feel they have had sufficient controls in place simply through the tools they use to protect themselves.  As this recent article from Continuity Central indicates, they are taking a very costly risk.  A quick snippet of the article…

First, websites have become the Achilles’ heel for corporate IT security. Attackers are intensely focused on attacking web applications so they can infect end-user machines. Meanwhile, corporations are using off-the-shelf applications that are riddled with vulnerabilities or even worse, custom applications that can host numerous unknown vulnerabilities that can’t be patched.

In our business of process and policy - we re-iterate, an ounce of prevention is worth pound of cure.

Forrester Reserch, Inc. has come out with a great new survey on IT Spending for 2009.  Unfortunately, it cost $995.00 to get a copy if you are not a Forrester client.  For those of us not in that category, a great article by Linda Tucci, a senior staff writer and SearchCIO.com breaks down the need to know and interesting findings.   Read the entire article.

We would be interested in your comments and opinions if this is what you see in your organization or with your own clients?

An article by Andy Greenberg

 Data Breaches aren’t just more common than ever–they’re also more costly.  According to a recently released report by the Ponemon Institute and funded by encryption firm PGP, the cost of a data breach for companies has risen to $202 per lost record, up from $197 in the institute’s 2007 study. For the 47 companies audited in the study, those costs added up to $6.6 million per incident.   Read the entire article.