The Sydney Morning Herald reports on a Carnegie Mellon CyLab survey that found companies need both a chief information officer and a chief security officer to adequately protect their data. According to Jody Westby of Carnegie Mellon, 70 percent of senior executives "rarely, never or only occasionally review and approve security and privacy policies...and 59 percent rarely, occasionally or never receive regular reports from IT management." While the number of organizations with a dedicated risk management team has gone up from eight percent to 46 percent in the past two years, just 13 percent of companies employ a privacy officer. "It's no wonder there are so many breaches," says Westby. "Privacy, security and cybercrime are three legs of the same stool. They have to think of them as inter-related."
If you want to comment on this post, you need to login.