November 3, 2008
Social Media Release: Data Leakage Worldwide: Part 2 — Cisco Research Assesses Effectiveness of Security Policies
Cisco Systems, Inc. (NASDAQ: CSCO)
Part 2: Highlights/Key Facts: November 3, 2008
Cisco releases second set of behavioral research findings on data leakage that features perceptions and behavior of 2,000 employees and IT professionals in 10 countries: the United States, United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil. Key Findings: The Effectiveness of Corporate Security Policies
One in four companies do not have data protection or security policies. Policy awareness gap between employees and IT: Between 20-30 percent more IT respondents are aware of security policies than employees. Communication disconnect: IT oftentimes communicates policies in an indirect, non-verbal manner, such as email, voicemail, paperwork, etc. Lack of direct, verbal engagement a big reason for gap in IT-employee security policy awareness. Top reason why employees defy corporate security policy: Lack of alignment between policies and reality of doing their jobs. One of five IT professionals said data leakage incidents involved the loss of customer data.
Cisco Chief Security Officer John N. Stewart and other executives from the company describe research findings, provide recommendations for establishing and communicating security policies to employees and explain how to protect businesses if policies are broken. http://tools.cisco.com/cmn/jsp/index.jsp?id=80358
Part 1: Highlights / Key Facts: October 21, 2008
Cisco releases behavioral research revealing the most common data leakage risks and mistakes employees make in businesses of all sizes, in various industries around the world. (www.cisco.com/go/dlp) The research features perceptions and behavior of 2,000 employees and IT professionals in 10 countries: the United States, the United Kingdom, France, Germany, Italy, Japan, China, India, Australia, and Brazil.
Key Findings: Many employees admit a number of risky behaviors, such as:
Altering security settings to bypass corporate security policies and access unauthorized sites Accessing unauthorized areas of networks and facilities Sharing sensitive corporate data with non-employees Sharing corporate devices with non-employees Losing portable storage devices Allowing others to "tailgate" behind them into corporate facilities Leaving devices with passwords to personal financial accounts and corporate systems unattended and unlocked
Cisco Chief Security Officer John N. Stewart and other executives from the company provide insight into their experiences and approaches to preventing data loss as guidance for businesses and their IT organizations: http://tools.cisco.com/cmn/jsp/index.jsp?id=79228
Tags / Keywords:
Security, Cisco security, network security, data loss, data leakage, data loss prevention, data protection, IT security, employee behavior, IT perceptions, security policy, IT policy, corporate policy, policy
Links / URLs:
Research results: www.cisco.com/go/dlp White paper Part 1: http://cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-499060.html White paper Part 2: http://cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-503131.html Cisco Platform blog: Do You Know Where Your Data Is? http://blogs.cisco.com/news/comments/do_you_know_where_your_data_really_is/#more Cisco Platform blog: Picture Window http://blogs.cisco.com/news/comments/picture_window1/#more DigItAll Consumer: Data Leakage Concerns for Consumers: http://blogs.cisco.com/consumer/comments/data_leakage_concerns_for_consumers DigItAll Consumer: How to Avoid Vulnerabilities Online: http://blogs.cisco.com/consumer/comments/how_to_avoid_vulnerabilities_online DigItAll Consumer: Threats to Consumers on the Internet: http://blogs.cisco.com/consumer/comments/threats_to_consumers_on_the_internet YouTube Channel: http://www.youtube.com/Cisco
John N. Stewart, Chief Security Officer, Cisco
"Businesses are enabling employees to become increasingly collaborative and mobile. Without modern-day security technologies, policies, awareness and education, information is more vulnerable. Today, data is in transit, in use, within programs, stored on devices, and in places beyond the traditional business environment, such as at home, on the road, in cafes, on airplanes and trains. This trend is here to stay. To protect your data effectively, we need to start understanding the risk characteristics of business and then base technology, policy, and awareness and education plans on those factors."
Embedded Videos, Images and Podcasts:
Internet TV Broadcast on Study Results: Part 2: http://tools.cisco.com/cmn/jsp/index.jsp?id=80358 Part 1: http://tools.cisco.com/cmn/jsp/index.jsp?id=79228
John N. Stewart: Cisco CSO's Security Strategy
Christopher Burgess: Data Leakage & the Threat Landscape
Nasrin Rezai: Cisco's Approach to Preventing Data Leakage
Traditional Press Release: Part 2: http://newsroom.cisco.com/dlls/2008/prod_102808.html Part 1: http://newsroom.cisco.com/dlls/2008/prod_093008.html
RSS Feed for Cisco: http://newsroom.cisco.com/dlls/rss.html
Embedded Video Available: http://www2.marketwire.com/mw/release_html_b1?release_id=448088
Contact Information: Press Contact(s) Neil Wu Becker Cisco Systems, Inc. +1 408 525 7415 [email protected] Industry Analyst Relations Todd Hanson Cisco Systems, Inc. +1 408 853 8255 [email protected]
SOURCE: Cisco Systems, Inc.