Saw this article on Forbes.com. It seems that scaring businesses into purchasing software security solutions is big business.
"Chief executives are like consumers. They are heavily influenced by what they see on CNN or in the newspapers," says Symantec's (Vincent) Weafer. (Weafer runs the security response division at Symantec)
So how much of what corporate America is spending on security solutions is really necessary?
U.S. losses last year from corporate security breaches "declined dramatically," to the tune of about $130 million according to the Computer Security Institute and the FBI. This was based on a survey of 639 companies, although an unknown percentage of fraud goes unreported.
Some 70% of security breaches are caused by human error, says a March 2006 survey by the Computing Technology Industry Association. Brian Boetig, a supervisory special agent with the FBI's computer crime unit in San Jose, Calif., describes the typical breach: "When you fire an employee and don't change their password, they can get into the system and get information to a competitor." No technical solution there. Says Boetig: "There are people creating problems so they can fix them. But that's marketing for you."
Security issues are kind of like the old adage: A recession is when your neighbor loses his job. A depression is when you lose yours. If you've had a security breach, it's a big problem, but if not, it sems much ado about nothing.
Comment Preview