Sponsored By

Security Report: Few Breaches Have Malicious Intent

<a href="http://www.darkreading.com/document.asp?doc_id=154392">Dark Reading</a>

Jim Manico

May 21, 2008

1 Min Read

Further evidence that every cloud has a silver lining: According to a new CompTIA study of 2007 IT security trends, three out of every four severe data breaches that companies experienced were not the result of purposeful action.In fact, the No. 1 cause, cited by 29 percent of more than 2,000 IT security pros, was good ol' human error; a failure to follow security procedures (45 percent) and a lack of security know-how (25 percent) topped the reasons behind those errors. Another 14 percent of survey-takers cited technical malfunctions as the culprit behind security breaches. As for the intentional breaches, 10 percent were caused internally, while 16 percent came from outside a company.

CompTIA also found companies spending more on security -- 12 percent of their IT budgets went to security, up from 7 percent in 2006. Around 40 percent of a company's security budget goes into training, which in turn has saved U.S. firms up to $2.2 million overall, according to CompTIA.Dark Reading

About the Author(s)

Jim Manico

OWASP Global Board Member

Jim Manico is a Global Board Member for the OWASP foundation where he helps drive the strategic vision for the organization. OWASP's mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. OWASP's AppSecUSA<https://2015.appsecusa.org/c/> conferences represent the nonprofit's largest outreach efforts to advance its mission of spreading security knowledge, for more information and to register, see here<https://2015.appsecusa.org/c/?page_id=534>. Jim is also the founder of Manicode Security where he trains software developers on secure coding and security engineering. He has a 18 year history building software as a developer and architect. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications<http://www.amazon.com/Iron-Clad-Java-Building-Secure-Applications/dp/0071835881> from McGraw-Hill and founder of Brakeman Pro. Investor/Advisor for Signal Sciences.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights