Languagesx
English Deutsch
Subscribe
Home Top 10 Best and Worst Technologies to Stem Data Breaches According to Security Professionals

Top 10 Best and Worst Technologies to Stem Data Breaches According to Security Professionals

A survey conducted by Securosis and financed by data security vendor Imperva of 1,100 security professionals yielded some interesting and conflicted results. The survey evaluated perceived effectiveness, not actual effectiveness, of several technologies (not specific products). The responses came from professionals across all major verticals and from organizations of varying sizes. Job titles included IT manager, IT security manager, IT security professional.

The top ten most effective controls were perceived to be:

  1. Access Management – Tools to restrict access to ?les/content beyond standard access controls.
  2. Server/Endpoint Hardening – Locking down systems, including whitelisting, HIPS, and other lockdown/patch
  3. management.
  4. Email Filtering – Basic keyword/regular expression ?ltering of email.
  5. Full Drive Encryption – Encryption of laptop/desktop drives.
  6. Network Segregation Isolating sensitive data/applications on subnets.
  7. Data Loss Prevention- Network – Tools capable of scanning for content with advanced techniques
  8. Data Loss Prevention- Endpoint – Tools capable of scanning for content with advanced techniques (more than regular expressions)
  9. USB/Media Encryption/Device Control
  10. Database Activity Monitoring – Tools to actively monitor all or some database activity (more than basic audit logs).

Securosis notes:

One major ?aw in the survey is that, despite our quality assurance and editing before releasing the questions, web application ?rewalls were omitted from the potential response list, and rated well in the previous questions. WAF was also the most cited write in control, followed (again) by user education.

Here’s what the respondents thought were the least effective:

  1. Email Filtering
  2. USB/Portable Media Encryption or Device Control
  3. Database Activity Monitoring
  4. Backup Tape Encryption
  5. Content Discovery (Process)
  6. Network Segregation
  7. Other (list in comments)
  8. Enterprise Digital Rights Management
  9. Data Masking
  10. Full Drive Encryption

What’s interesting is that e-mail filtering came in as number three on the list of most effective list and number one on the “least effective” list.

“There will always be a gulf between perceived and actual security,” says Chris King, director of product marketing at Palo Alto Networks. “Aside from the fact that the latter is difficult to measure (all we can measure is our opinion of its effectiveness), threats are a moving target.”

Securosis’ survey found that most controls were actually pretty effective. “Around half of respondents reported that nearly half of the controls completely or dramatically reduced incidents.”

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
klint finley
Contributor

.

Related News

Logitech offers mouse and keyboard users free ChatGPT upgrade with AI Prompt Builder. A robotic hand with silver metallic fingers holds a black computer mouse on a red background. Text at the top of the image reads from left to right: "Recipes Instructions 0". Below that is a text box with the following options, top to bottom: "Rephrase", "Summarize", "Reply", "Create Email", "Brainstorm".
Logitech offers mouse and keyboard users free ChatGPT upgrade
Suswati Basu
Streets of Sakarya city during the Ottoman Empire
Medium bans AI-generated content from its paid Partner Program
Sophie Atkinson
How to tell if something is written by ChatGPT
How to tell if something is written by ChatGPT
James Jones
Elon Musk black and white side profile, on a dark blue background which features a large Tesla logo. wads of money rain down on the logo
Elon Musk to raise Tesla AI staff salaries to curb OpenAI poaching
Ali Rees
a conceptual image with a magnifying glass and large 'AI' letters to symbolize AI detectors.
5 best AI content detectors
James Jones

Most Popular Tech Stories

Latest News

Release of Prison Architect 2 has been further delayed to September 2024
Gaming

Prison Architect 2 delayed again, this time to September
Graeme Hanna3 hours

A second delay has been confirmed for Prison Architect 2, less than a month before the expected launch date. The game is now expected to launch on Sept. 3. The...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.