CNET News writer, Lance Whitney, shared his comments on the findings from a recent McAfee report titled “The Security Paradox“.  (Read this report)

One of the most revealing findings of this report address the fact that more mid-sized companies are being attacked by cybercriminals at the same time that those same companies are freezing their IT Security budgets.

Those security breaches can also be expensive — the study found that over the last year, 1 out of 5 mid-sized companies surveyed lost $41,000 in sales on average as a result of a breach.

There are many other revealing facts f rom this study that make this report and Lance Whitney’s summary article well worth reading.

It was just announced that there is an extension to the enforcement date of the Red Flag Rules.  At the request of Members of Congress, the Federal Trade Commission (FTC) has set June 1, 2010 as the newest enforcement date for this Identity Theft related ruling.

You can read this FTC announced press release regarding this decision by clicking here……

In a recent survey conducted by the Ponemon Institute, and supported by the security firm Imperva, it was found that 71% of the firms interviewed don’t view the Payment Card Industry Data Security Standard (PCI DSS) as a strategic initiative for their organization(s).

The data in this report states at least the following reasons for the lack of strategic importance linked to PCI DSS: (1) its hard work and requires constant monitoring and maintenance, (2) there is the perception that good security does not increase market share — i.e. consumers do not reward companies when nothing bad happens, and (3) most companies reported that they don’t believe the worst will happen to them — and — even if it does, they anticipate being able to handle the cost of the breach and move on.

Another observations was that 79% of this very same group has experienced a data breach that involved the loss or theft of credit card information.

The data in this report also hints that to incur the cost of a breach is cheaper than paying for what it takes to protect the systems and data.

George Hulme wrote about  more details of this report’s findings in an article posted on the InformationWeek’s Security Weblog — which you can read by clicking here.

You can also access this free report by registering at the following website:

https://www.imperva.com/ld/ponemon.asp