According to a recent article, because of tight budgets, many organizations plan to cut funding for technologies that would help to mitigate the main security threats they face.
The article went on to say that 72 percent of respondents have seen an increase in e-mail borne malware and phishing, but eight percent of respondents said they plan to cut previously allocated funding for messaging security, e-mail encryption, e-mail security or instant messaging security technologies.
The survey also revealed that although 40 percent of respondents noted lost or stolen devices as a top security challenge for the next 12 months, 15 percent said they will be cutting budget allocations planned for mobile encryption and wireless security.
Other surveys have offered some interesting numbers, too. A survey from Ponemon indicated that 88% of breaches in 2008 were due to negligence and a survey from Verizon revealed 90% of breaches could have been prevented with security basics.
So perhaps the strained budgets could be a good thing??
What if an organization implemented awareness and accountability instead of more technology?
What if an organization implemented better knowledge that led to better decisions, less duplication and more efficiency across their silos/departments?
The bottom line would be improved with cost savings. The bottom line would be improved by targeting negligence. The bottom line would be improved by addressing security basics.
The bottom line is that perhaps strained budgets are a blessing in disguise…
