EY: Global Information Security Survey 2013

Organizations must be prepared to combat against, manage and mitigate cyber attacks that can occur anytime, anywhere, Says EY.

EY’s 16th annual global information security survey explores the actions organizations have taken to address current threats, how leading organizations are preparing for cyber risks that may be on the horizon, and how new technologies and an innovative approach can help organizations proactively prepare for the future.

EY found three levels of response to cyber risk in an environment where cyber attacks are numerous, constant and increasingly complex:

  • Improve — What organizations are doing to address the current threats and the challenges that still exist
  • Expand — Steps leading organizations are taking to address new threats more proactively
  • Innovate — Solutions organizations need to address new and upcoming technologies

EY’s Global Information Security Survey 2013 report can be downloaded here.

ISACA India to Host IT Governance and Risk Conference 2013

The ISACA Chennai Chapter and the ISACA India Task Force are hosting the ISACA India Conference, (IIC) 2013, a two-day event themed “IT Governance, Risk Management and Compliance—Current and Future Trends.” Scheduled for 28-29 November 2013, IIC 2013 will focus on topical issues being faced by the IT industry and will share guidance and good practices for dealing with complex challenges and opportunities at a strategic and thematic level.

ISACA, a global association of 110,000 IT professionals, is bringing members of the business, IT governance, risk management and compliance community together for the conference to comprehensively discuss pressing matters pertaining to Big Data and data analytics, mobility, e-business in the information age, managing risks in embedded systems and more.

Former NSA Honcho Calls Enterprise Security ‘Appalling’

Former NSA technology boss Prescott Winter has a word for the kind of security he sees even at large, technologically sophisticated companies: Appalling. Companies large enough to afford good security remain vulnerable to hackers, malware and criminals because they tend to throw technological solutions at potential areas of risk rather than focusing on specific and immediate threats, Winter said during his keynote speech Oct. 1 at the Splunk Worldwide User’s Conference in Las Vegas. ‘As we look at the situation in the security arena we see an awful lot of big companies – Fortune 100-level companies – with, to be perfectly candid, appalling security. They have fundamentally no idea what they’re doing,’ Winter said, according to a story in U.K. tech-news site Computing. During almost 28 years at the National Security Agency (NSA), Winter established the spy agency’s Technology Directorate and served as the agency’s first CTO. He also held positions as the NSA’s CIO, its deputy chief of Defensive Information Operations and, oddly, as chief of Customer Response. He is currently managing director of Chertoff Group, the strategic management and security consultancy established by Michael Chertoff, secretary of the Dept. of Homeland Security under Pres. George W. Bush and co-author of the USA Patriot Act.