Many global business decision makers are unaware of the implications of the forthcoming General Data Protection Regulation (GDPR), as well as other compliance regulations like PCI-DSS and ISO27001/2, with one in five admitting they do not know which regulations their organization is subject to.
Never before has cybersecurity presented such a complex challenge. IT infrastructures now consist of employee desktop PCs and Macs, servers and storage platforms, multiple private and public clouds, on-premises data centers, and hundreds to thousands of mobile devices and apps.
If an organization knows software patches have not been applied and takes no action to remedy the situation, it could be considered negligent, be held liable, and suffer significant financial and public relations consequences.
Eighty-five percent of federal IT managers say their agency is more focused on combating insider threats today than one year ago, and most are formalizing their efforts through formal insider threat programs, according to MeriTalk’s 2017 Federal Insider Threat Report, underwritten by Symantec.
There is a world of difference between knowing the right thing to do and actually following through and doing it. Think about doctors who repeatedly remind their patients to quit smoking, or to be careful with their cholesterol, to get regular exercise and adopt healthier eating habits instead of eating bacon with every meal. We know what we should do. Quite often, though, that knowledge is not enough to actually change our behavior.