Author: June Middleton, JuMiddleton@jackhenry.com
Retailers, hospitals, government agencies, and details of their data breach woes continue to appear in news and social media headlines, and the pace of the data breach announcements appears to be speeding up, instead of slowing down. Organizations continue to spend thousands (if not tens of thousands of dollars) on technical security controls (firewalls, intrusion detection/prevention systems, anti-virus/anti-malware programs, encryption, access management, virtual private networks, etc.) to create strong security controls using a defense in depth strategy. In Computerworld’s Annual Forecast survey of 194 Information Technology (IT) executives, 43% of them expected their IT budgets to increase in 20151. Due to the recent high-profile security breaches at a myriad of companies, security spending propelled to the top of their IT priority list for 2015. If organizations have continued to increase IT security spending, then why are the bad guys still getting in? If only I had a dollar for every time I have heard or read ‘the human is the weakest link in IT security’ over the past 12 months.