Are you getting tired of all the reports about threats and intrusions?
InformationWeek – “Banks face ongoing cyber threats”
NetworkWorld – “Advanced persistent threats force IT to rethink security priorities
This isn’t really news to us. It’s more of the same, and it hasn’t change much, if anything.
The “Man bites dog” headlines directed at the general public are different.
Calgary Herald –“Oil industry prime target for hackers …”
ABC News – “Nation’s infrastructure still vulnerable to cyber attacks”
When these types of reports make the news, whether it’s names stolen from Sony or an intrusion at RSA, someone with the ability to act may take notice. Still, I suspect that most enterprises still consider information security as insurance; a cost to be minimized. Security training likely isn’t offered through HR along with classes on how to manage conflict or drive safely while on company business.
It’s likely, too, that despite the increased noise directed at non-techies about security-related issues, whether it’s fraud, theft, espionage, terrorism, or warfare, that the threats, the risks, and the attacks will continue to increase, and security will remain an afterthought.