This report looks at the extent of the challenges faced by organizations. It examines the shortfalls of the security technologies many organizations have. It concludes by looking at some of the misconceptions about digital rights management.
What keeps your CEO up at night? The insider threat: solved with DRM
June 2014
Organizations are becoming more and more aware of the problems posed by their own users. To address this, they are looking for security technologies that can provide pervasive protection of data, so that breaches do not occur as a result of the careless or malicious activities of insiders. Most need to do this for a broad base of users that includes both employees and external users, who need to safely share data to drive business processes as they go about their legitimate day-to-day tasks.
This report looks at the extent of the challenges faced by organizations when it comes to the insider threat and the protection of sensitive information. It examines the shortfalls of the security technologies many organizations already have in place for mitigating the risk of data breaches, which are not fully effective when it comes to addressing the insider threat. It finishes by looking at some of the misconceptions about digital rights management (DRM) and makes the case that this is one of the best security technologies to provide the pervasive protection required against insider threats.
EXECUTIVE SUMMARY
The insider threat, the problem of legitimate users accidentally or intentionally leaking confidential data, is one that many organizations have been complacent about to date. However, awareness is increasing about the threat itself and the shortcomings of traditional security tools for mitigating the insider threat. This has led to an increasing interest in digital rights management (DRM), a technology that protects the data itself.
The insider threat is rising up the list of IT security threats
There is a wide range of issues to worry IT and business managers when it comes to IT security. In the past, much of the focus has been on threats that come from outside the business, such as malware and hackers. However, more and more data leaks are shown to be attributable to legitimate users and the focus is switching to mitigating the insider threat.
Some insiders are just careless, others are malicious
The majority of insider incidents are accidental; emails sent to the wrong recipient or lost devices. While such incidents will never go away, organizations can work with users to improve behavior. More insidious is the intentional theft of data, most commonly by users moving from one employer to another, or for financial gain, espionage or just because they bear a grudge.
There is a fundamental need for the broad sharing of data
More and more business processes rely on the sharing of data, not just between employees but also with users from customers and business partners. Controlling the sharing of data is compounded by the range of online tools users can access including email, social media and cloud storage services. The line between legitimate users and outsiders can become blurred without sufficient controls.
Traditional security measures do not fully address the insider threat
Organizations are reliant on their existing security technologies to counter various risks, including firewalls, data loss prevention (DLP) and identity and access management (IAM). Along with written policy and user training, some have a role to play in mitigating the insider threat, in particular IAM. However, with many different systems in use there are bound to be gaps and none of these systems are designed to protect the data itself from insider threat. One technology that is focused on protecting actual data is digital rights management (DRM).
DRM is not as widely used as other security technologies
There are two reasons why DRM is not currently as widely adopted as other security technologies. First, one of the key strengths of DRM is its power to mitigate insider threats, a risk area that many organizations have been complacent about. Second, there are a number of misconceptions about what can be achieved with DRM, including scalability and its acceptability to users. These concerns can be overcome with a state-of-the-art DRM deployment.
DRM provides key features that better protect against insider threats
With a DRM system all documents are classified from the moment of creation and monitored throughout their life cycle. Policy is controlled via an online server, which is referred to each time a sensitive document is accessed and an audit trail of who has done what to a document, and when, is collected and managed.
Conclusion: More so than conventional security solutions, DRM is perhaps the most well-suited technology for mitigating the insider threat and for ensuring IT and business managers can get a better night's sleep.
Why insider threats are an increasing concern
Businesses have a wide range of issues to worry about when it comes to IT security; malware, data protection and hackers all come near the top of the list of perceived concerns, as research published by IS Decisions in 2013 [1] shows (Figure 1). Many of these threats, and therefore the defenses put in place, are focused on stopping illegitimate outsiders getting access to internal systems and the sensitive information they store and process. However, creeping up the list of problems keeping CEOs awake at night, with regard to IT, is one that is already within every organization, the insider threat: the way legitimate users abuse their access rights.
There are good reasons for this. SafeNet's Breach Level Index [2] measures actual incidents rather than perceptions. It reports that of the publicly disclosed breaches in Q1 2014, 58% could be attributed to malicious outsiders, 13% malicious insiders and 26.5% were accidental losses, which are also attributable to insiders (for example sending emails to the wrong people and losing devices). That adds up to almost 40% being down to insiders. Even such empirical data cannot be absolute; not all breaches are reported and many, especially those involving insiders, may go unnoticed or take a long time to be discovered (Figure 2). Furthermore, regardless of the number of incidents, SafeNet's report claims that insiders account for more than half of the actual information lost.
That the careless use of data should be a concern is also reported in the IS Decisions report [1]; when it comes to insiders, ignorant users are shown to be the most worrying perceived threat (Figure 3). Careless employees are clearly a problem, but they can be admonished and attempts can be made to modify their behavior through training. Many organizations are also putting in place technology to enforce controls with regard to what the user can do with their access rights to reduce the number of careless instances. Users should accept such safeguards if they understand they are there to help prevent bad practice.
The malicious insider is another matter. When a user does turn against their employer they often know exactly what content is worth stealing and will attempt to work around security controls. There are a number of reasons for the malicious theft of data by insiders. One of the most common is that they believe data will be valuable to them in a new job. According to Verizon's Data Breach Investigations Report [3], 70% of the thefts of intellectual property, most commonly of customer and financial data, are committed within thirty days of an employee resigning from their job. Other motives include financial gain, industrial espionage and simply bearing a grudge.
Even after a user has gone, problems can persist; many cases of theft involve ex-employees who have insider knowledge and, in some cases, have been able to retain access credentials. Recent research published by Lieberman Software shows that 1 in 8 IT security professionals could still access a previous employer's systems using old credentials [4].
The insider threat is also compounded by the fundamental need to share data. No organization exists in isolation; all must interact with the outside world. This is exacerbated by the growing number of channels via which documents can be shared. Such sharing, while essential for driving business processes, increases the possibility that information will be misused and sometimes will inevitably end up in the wrong hands.
Many of these channels are available as cloud-based services, making it easy for them to be invoked directly by users. Email is still the most common online activity and, according to Verizon [3], is the most common method for employees to steal documents. Many will know, to their cost, that it is all too easy to accidentally forward confidential files to the wrong recipients. There is a growing new danger as users share content via various social media sites.
Another big problem area is the use of online document storage services. Strategy Analytics [5] lists the top four, amongst a large number of options, as Apple iCloud/iTunes (27%), Dropbox (17%), Amazon Cloud Drive (15%) and Google Drive (10%). The attraction to users is to be able to back up data and access it from any device. The danger for businesses is that confidential data gets caught up in the mix and ends up in public stores or on unmanaged user devices.
Copying to USB devices and printing are two other potential problems, and both are ones that users could carry out while a device is offline in an attempt to conceal their actions. Verizon [3] reports that USB devices account for 6% of insider thefts and that 26% is via print.
This need to share data, often with individuals that are not employed by the organization that owns the data in the first place, makes drawing a line between insiders and outsiders tricky. Research from Vormetric [6] shows the extent of this (Figure 4). This, taken with the reality that any user can be anywhere, often using their own devices, means there is a need to take a broad view of the term insider. One way to look at it is that an insider is anyone who has been given some level of legitimate access to information, as opposed to the outsider who has sought illegitimate access. That said, one of the problems with outsiders is that they often pose as insiders through the theft of identities.
All of these security issues must be mitigated by the security technology an organization has in place to protect itself. However, many traditional security tools have shortfalls when it comes to protecting against the insider threat.
The limitations of traditional IT security for protecting against the insider threat
Mitigating the insider threat requires that data is protected at all times: when it is stored, when it is in use and when it is being moved and shared across networks. All the various technologies that organizations deploy to secure their information have a role to play in protecting against the insider threat; however, each also has weaknesses and/or limitations. Furthermore, the very number of them may provide a false sense of security and lead to gaps being left in the protection that is in place. The Ponemon Institute reports that only about 20% of organizations say they are confident that cybersecurity threats do not sometimes fall through the cracks of existing security systems [7].
Network edge security
Firewalls and intrusion detection/prevention systems (IDS/IPS) define the limits of a given set of IT resources; they are all about keeping unauthorized outsiders out. As such, these technologies are of little help when it comes to mitigating the insider threat. Many consider that, in the age of mobile users and cloud computing, such network edge technologies have little to offer and that a new IT perimeter needs defining.
Identity and access management (IAM) and user authentication
Many believe the new perimeter lies with the users, wherever they happen to be; identity is the new perimeter, as a 2012 Quocirca report asserts [9]. IAM does nothing to directly protect data from misuse, but it does have a key role to play when it comes to distinguishing insiders from outsiders and ensuring users are who they say they are. Before user actions can be judged it must be clear who they are and what access rights and privileges they have. Verizon [3] calculates that 88% of insider incidents rely on higher than usual privilege. IAM also allows an organization to react to the changing status of users, removing access rights rapidly and comprehensively.
The theft of such credentials is a common way for outsiders to gain access to an organization's IT systems. This is best mitigated through the use of strong authentication, which is also essential for maintaining veracious audit trails. Strong authentication also prevents bad practices such as the sharing of identities. Malicious insiders often use someone else's credentials to cover their tracks. CIA employee Edward Snowden simply asked colleagues for their passwords in order to get access to some of the information he disclosed in the widely publicized leakages attributed to him during 2013.
System level security
Host-based security applied to servers and user devices controls activity on a given virtual or physical device. Whether it is controlling access to files, detecting malware or preventing certain applications from running, end points are safer with system level security than without it. However, once information leaves a given end point the local security controls cease to apply.
Malicious theft from airline
A case cited in a paper titled Security beyond the firewall [8] highlights the danger of not fully depriving former employees of access to IT systems. A senior employee left Air Canada and joined a competitor. Using continued extranet access, the employee colluded with his new employer to steal documents regarding route plans, ticket costs etc. estimated to be worth US $220K. The theft was carried out via 250,000 network entries, anomalous behavior that was not detected, to access documents with insufficient protection.
Employee emails personal data to wrong recipient
Who has not sent an email to the wrong person? In December 2013 an undisclosed number of customer names, social security numbers, addresses, dates of birth and group retirement plan names was accidentally emailed to the wrong recipient by an employee at the Massachusetts Mutual Life Insurance Company (MassMutual). In this case the user was doing their job; the system allowed them to mishandle regulated data, which it should not have done (source: http://datalossdb.org/).
Employee loses tax files copied to CD
In a high profile case a few years ago, an employee of the UK's tax office, the HMRC (Her Majesty's Revenue and Customs), downloaded the private details of 25 million families to a file and copied them to a CD that was then lost in the mail. There was no malicious intent; just a legitimate need to share data. Due to a lack of DRM, the user was allowed to manipulate data and files in a highly insecure way. The loss made headline news in the UK, causing embarrassment to the government and concern among taxpayers.
System level security cannot effectively address the insider threat because the very nature of the problem is the movement of valuable data assets from one device to another, within or beyond a given organization's infrastructure. Protection needs to be data-centric rather than system-centric to effectively address the insider threat.
Network traffic inspection and data loss prevention (DLP)
Network traffic inspection checks on data in transit, helping to detect malware and the unwanted egress of data. Again, this is mostly aimed at detecting the unwanted attention of outsiders. It also only addresses data at a point in time when it is in motion, not when it is in use on devices or at rest on a storage system. To make such inspection more useful it needs a layer over the top that links network traffic to users, which is the role of a DLP system.
DLP monitors data in transit and, linked with IAM, can observe and detect careless and malicious behaviors. However, protections only apply where DLP is deployed; once files are outside of a given organization's direct control there is no way to monitor them. Beyond the reach of DLP, insiders can share files with impunity. Furthermore, DLP systems are not designed to maintain continuous audit trails for individual files.
Encryption
Sometimes put forward as the Holy Grail of IT security, encryption is good for protecting information stored to disk and in transit over networks. However, there is no point in having data in the first place if it cannot be used and, to do that, the files in question must be fully or partially decrypted and insiders with access rights must have access to the decryption keys. Once a file is decrypted the user is free to copy and share it without further controls being imposed. This includes not just copying the file itself, but taking screenshots, cutting and pasting, printing and so on, all ways of stealing unencrypted data.
Data access and usage policies
All organizations should have clear guidelines in place for how data is used and users should be constantly reminded of them. However, users obviously cannot be relied on to remember all the details, and the careless insiders (which will be all users at some point) will be grateful for technology that helps prevent mistakes while the malicious insider will, of course, ignore such policies. Research reported by CBR [10] in May 2014 showed that only about half of organizations have implemented an internal information security policy. That, in itself, seems low, but just having a policy is not enough; controls need to be put in place that police user behavior and the misuse of data for whatever reason.
Employee security training
User education should be a regular and on-going process; however, as with usage policies, all users will lapse into bad practice at some point and the malicious insider will find pointers in their training to working around the security controls that aim to prevent the theft of data. The data reported by CBR [10] suggests only 47% of organizations have staff training programs in place. This figure needs to be much higher but, even if it were, users forget and/or ignore what they have been told; as with usage policy, training needs reinforcing with technology.
So what is the answer to mitigating the insider threat?
So, is there a truly data-centric approach to security that can address all aspects of the insider threat, protecting data at rest, in transit and in use? One that ensures that security policies are enforced, audit trails are maintained, while enabling legitimate insiders to access data wherever they happen to be? The one technology that can achieve all this is a digital rights management (DRM) system. Arguably, when it comes to the pervasive protection of an organization's data assets against the insider threat, DRM is the most comprehensive single technology available.
DRM is not a new idea; the concept has been around since the late 1990s. The aim of DRM is to enable legitimate users (insiders), through granular access controls, to use data safely, ensuring they cannot over-exploit their access rights. Increased awareness of the insider threat has seen a recent new interest in DRM as an effective protection against insider threats. The concern has been increasing that insiders can share access to sensitive files with outsiders and that conventional security products could not adequately prevent this. So, if DRM has been around so long and is an effective protection, why hasn't it already been adopted more widely?
Why isn't everyone already using DRM?
Quocirca research [11] shows that about 40% of organizations have some form of DRM in place (Figure 5), while about 60% have DLP in place. If DRM can play such a big role in protecting against the insider threat, why has there not been wider adoption? One reason is that many have been complacent about the insider threat and focused on technologies that protect against outsiders. However, as concern about the insider threat increases, more are looking in more detail at the capability DRM has to provide for broad protection of their data. As they do so, some previously held misconceptions are being overcome. These include:
DRM is not an enterprise-wide technology
In the past some have considered that DRM is only appropriate for departmental deployments. While it is true that many organizations start by putting controls in areas where users are given access to the most sensitive of material, such as legal and finance, many DRM systems are capable of scaling across and beyond the enterprise to encompass all users of classified documents. Deployment times and integration capabilities are improving.
Support for file formats is limited
Effective DRM must support all files containing sensitive data that can be manipulated by users. The range of formats supported by most DRM systems has increased over time to include all common office suites, standard document formats, text files and PDFs. Some DRM vendors offer customer support for unusual file formats used by specific customers.
DRM is intrusive
By its very nature DRM is intrusive, but only when users step out of line. There is little impact on the user experience for those going about their daily work, making legitimate use of documents and sharing them with those that also have access rights. As DRM systems have become better at supporting other applications, such as office suites and PDF readers, they are transparent to users while policies regarding sensitive files are not violated. DRM should, therefore, be positioned as protective technology for the user, rather than a restrictive one, and an effective DRM system should be transparent to users until they make a mistake or abuse their access rights.
We should trust our users
Most humans have an innate desire to trust and this extends to a business and its employees. However, as has been pointed out, misuse of documents is not just malicious, it is often just carelessness; user ignorance is easier to accept as a starting point for DRM adoption. Furthermore, access increasingly needs to be extended to external users over whom a given business has less control and therefore less reason to trust.
DRM systems are overpriced
All technology, including any security product, has a cost. The view taken of the cost of implementing DRM should not be just about the impact on the bottom line but also about the reduction of business risk and creation of business value. As with any technology, early adopters will benefit at the expense of competitors and, as adoption increases, prices will come down.
We don't believe vendors that tell us DRM is the answer to the insider threat
DRM is not a silver bullet for protecting against the insider threat; however, neither is any other single security technology. Effective overall IT security will always require deploying a wide range of security systems to protect against a wide range of threats. However, arguably, DRM is the most effective way of ensuring security policies travel with data wherever it goes and the documents are protected in use, when stored and in transit. The pervasive protection offered to a wide range of documents at all times is why DRM is effective at mitigating the insider threat.
Mitigating the insider threat through DRM
What specific aspects of DRM (sometimes termed Enterprise DRM or EDRM) make it so effective at countering the insider threat?
It starts with securing the data and assigning the appropriate level of access per insider. No other security technology is designed specifically to classify every file, apply policy to it and monitor it from the moment of creation, throughout its life cycle, including access, editing, copying, sharing, printing and transforming, while maintaining a continuous audit trail for the document itself. This level of control can be used to prevent careless and malicious misuse of documents by insiders and, when a breach occurs, it should be clear who has been involved.
Documents are classified based on rules laid down by the organization implementing DRM, which can take account of the regulatory regime in which it operates. Data with no sensitivity, such as marketing materials, can be freely shared while the focus for DRM is on monitoring sensitive and regulated materials. Users should not be expected (or trusted) to classify documents themselves, which would offer no protection from the insider threat; this must be done completely independently and automatically by the DRM system.
Access policies, defined within the DRM system, control which users have what right to access the data. Application of policy must be pervasive. Most of the time enforcement can be via an online policy server. That said, there is, of course, much benefit in users being able to work with documents on mobile devices while in remote locations; for example editing a report on a laptop or sharing a presentation on a tablet. In such cases a user may not be online. Permissions and controls must be extendable to offline use for given files, for a given period of time. Any actions performed offline are checked against the policy server next time the device comes online and audit trails are updated.
To further mitigate the insider threat, baselines for patterns of normal data usage can be established within the DRM system over time. Deviations in either the way a certain type of user is acting or the way given types of files are being manipulated, that are typical of insiders behaving maliciously or carelessly, can then be observed and pre-defined actions taken.
Finally, the audit trail recorded for every sensitive file details user identities, time stamps and the actions carried out on a given file. Audit trails were considered the most important of a range of security technologies in a recent Quocirca report [12] (Figure 6). These are essential not just for internal investigation and reporting to auditors when a breach has occurred, but also for evolving both written and DRM system policy and improving training. The net result is to make the use of data safer and more effective.
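
The policy-server, offline-permission and audit-trail behaviour described above, sketched as an added example (not code from the report or from any DRM product). PolicyServer, Lease, OfflineClient and the sample user, file and timeline are hypothetical and constructed for illustration. It also shows a case to check in any deployment: access withdrawn while a device is offline is only caught when the offline log is reconciled.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Lease:                      # offline permission: one user, one document
    user: str
    doc: str
    actions: frozenset
    expires: datetime


@dataclass(frozen=True)
class Event:                      # one audit-trail entry
    when: datetime
    user: str
    doc: str
    action: str
    allowed: bool
    source: str                   # "online" or "offline"


class PolicyServer:               # hypothetical model of the online policy server
    def __init__(self, policy, roles, labels):
        self.policy = policy      # (classification, role) -> permitted actions
        self.roles = roles        # user -> role
        self.labels = labels      # document -> classification, set by the system
        self.revoked = {}         # user -> time access was withdrawn
        self.audit = []           # continuous audit trail

    def rights(self, user, doc, when):
        cutoff = self.revoked.get(user)
        if cutoff is not None and when >= cutoff:
            return frozenset()    # no rights from the moment of revocation
        return self.policy.get((self.labels[doc], self.roles.get(user)), frozenset())

    def authorize(self, user, doc, action, when):
        ok = action in self.rights(user, doc, when)
        self.audit.append(Event(when, user, doc, action, ok, "online"))
        return ok

    def issue_lease(self, user, doc, when, hours):
        # Offline use is granted for given files, for a given period of time.
        return Lease(user, doc, self.rights(user, doc, when),
                     when + timedelta(hours=hours))

    def revoke(self, user, when):
        self.revoked[user] = when

    def reconcile(self, lease, offline_log):
        """On reconnect: record every offline action and flag those to review."""
        flagged = []
        for when, action in offline_log:
            in_lease = action in lease.actions and when <= lease.expires
            still_ok = action in self.rights(lease.user, lease.doc, when)
            self.audit.append(
                Event(when, lease.user, lease.doc, action, in_lease, "offline"))
            if not (in_lease and still_ok):
                flagged.append((when, action))
        return flagged


class OfflineClient:              # enforces the lease locally while disconnected
    def __init__(self, lease):
        self.lease = lease
        self.log = []

    def attempt(self, action, when):
        ok = action in self.lease.actions and when <= self.lease.expires
        self.log.append((when, action))   # denied attempts are logged as well
        return ok


def demo():
    t0 = datetime(2014, 6, 2, 9, 0)       # constructed timeline
    doc = "q2-forecast.xlsx"              # constructed sample file
    server = PolicyServer(
        policy={("confidential", "finance"): frozenset({"view", "edit"})},
        roles={"alice": "finance"},
        labels={doc: "confidential"},
    )
    server.authorize("alice", doc, "print", t0)         # denied online, audited
    client = OfflineClient(server.issue_lease("alice", doc, t0, hours=8))
    results = [
        client.attempt("view", t0 + timedelta(minutes=30)),
        client.attempt("edit", t0 + timedelta(hours=2)),
        client.attempt("print", t0 + timedelta(hours=3)),   # not in the lease
        client.attempt("view", t0 + timedelta(hours=9)),    # lease has expired
    ]
    # Access is withdrawn one hour in, while the device is still offline.
    server.revoke("alice", t0 + timedelta(hours=1))
    flagged = server.reconcile(client.lease, client.log)
    return results, flagged, server.audit


if __name__ == "__main__":
    results, flagged, audit = demo()
    print(results)
    print([action for _, action in flagged])
    print(len(audit), "audit events")
```

The edit made two hours in is allowed by the device because the lease is still valid, yet it is flagged at reconciliation because access had been withdrawn an hour earlier; the lease period therefore bounds how long a revocation can go unenforced on an offline device.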
Conclusions
More and more organizations are facing up to the insider threat; this is not just because they perceive the problem, but also increasingly because they have been a victim of a data breach through an insider's carelessness or malicious behavior. To protect against the insider threat, they need to look beyond the traditional security technologies that they have already deployed for pervasive protection of data. To this end many are overcoming previously held misconceptions and turning to DRM.
In comparison to other conventional security technologies, DRM arguably provides superior protection against insider threats. It provides protection against insiders who could be abusing their insider access accidentally or maliciously while enabling legitimate users to safely and appropriately access data. That should see many CEOs get a better night's sleep.
If you answer yes to these questions, your organization may be at an increased risk of insider threats
1. Has your organization installed a range of conventional security technology, such as network and system security products, but still been affected by data breaches?
2. Does your organization allow the same level of access to confidential information for all employees?
3. Does your organization work with 3rd party vendors it cannot trust 100% to protect shared confidential information?
4. Would a soon-to-be ex-employee be able to take confidential information via a USB device, screen capture or print out and share it with a competitor?
5. If an employee is able to access confidential company information on their personal device and loses it, could an outsider gain access to the lost device and the information stored on it?
References
[1] IS Decisions: The Insider Threat Security Manifesto, 2013 http://www.isdecisions.com/insider-threats-manifesto/
[2] SafeNet's Breach Level Index http://www.breachlevelindex.com/
[3] Verizon's Data Breach Investigations Report http://www.verizonenterprise.com/DBIR/
[4] Lieberman Software: May 2014 http://go.liebsoft.com/Information-Security-Survey-2014
[5] Strategy Analytics data reported in eWeek, March 2013 http://www.eweek.com/storage/apple-dropbox-google-battle-for-cloud-storage-market-share/
[7] Ponemon Institute: Exposing the Cybersecurity Cracks: A Global Perspective http://www.websense.com/assets/reports/report-ponemon-2014-exposing-cybersecurity-cracks-en.pdf
[8] Security beyond the firewall: Xerox/David Drab, 2007 http://semanticommunity.info/@api/deki/files/8051/DavidDrab05142008.pdf
[9] Quocirca, The identity perimeter, September 2012 http://www.quocirca.com/reports/791/the-identity-perimeter
[10] CBR - Rogue employees are biggest threat to information security, May 2014 http://www.cbronline.com/news/rogue-employees-biggest-threat-to-information-security-4263652
[11] Quocirca: Getting to grips with BYOD, May 2014 http://www.quocirca.com/reports/947/getting-to-grips-with-byod
[12] Quocirca: The adoption of cloud based services, July 2013 http://www.quocirca.com/reports/927/the-adoption-of-cloud-based-services
About Fasoo
Fasoo has been successfully building its worldwide reputation as an EDRM (Enterprise Digital Rights Management) solution provider with industry leading solutions and services. Fasoo solutions allow organizations to prevent unintended information disclosure or exposure, ensure a secure information-sharing environment, better manage workflows and simplify secure collaboration internally and externally. Fasoo Enterprise DRM, a data-centric security solution, safeguards and prevents unauthorized use of digital files and provides persistent and reliable protection of the files with effective file encryption, permission control and audit trail technologies. Fasoo has successfully retained its leadership in the EDRM market by deploying solutions for more than 1,200 organizations at an enterprise-wide level, securing more than 2 million users.
More on Fasoo's products and services can be found at http://www.fasoo.com
About Quocirca
Quocirca is a primary research and analysis company specialising in the business impact of information technology and communications (ITC). With world-wide, native language reach, Quocirca provides in-depth insights into the views of buyers and influencers in large, mid-sized and small organizations. Its analyst team is made up of real-world practitioners with first-hand experience of ITC delivery who continuously research and track the industry and its real usage in the markets.
Through researching perceptions, Quocirca uncovers the real hurdles to technology adoption: the personal and political aspects of an organization's environment and the pressures of the need for demonstrable business value in any implementation. This capability to uncover and report back on the end-user perceptions in the market enables Quocirca to provide advice on the realities of technology adoption, not the promises.
Quocirca research is always pragmatic, business orientated and conducted in the context of the bigger picture. ITC has the ability to transform businesses and the processes that drive them, but often fails to do so. Quocirca's mission is to help organizations improve their success rate in process enablement through better levels of understanding and the adoption of the correct technologies at the correct time.
Quocirca has a pro-active primary research programme, regularly surveying users, purchasers and resellers of ITC products and services on emerging, evolving and maturing technologies. Over time, Quocirca has built a picture of long term investment trends, providing invaluable information for the whole of the ITC community.
Quocirca works with global and local providers of ITC products and services to help them deliver on the promise that ITC holds for business. Quocirca's clients include Oracle, IBM, CA, O2, T-Mobile, HP, Xerox, Ricoh and Symantec, along with other large and medium sized vendors, service providers and more specialist firms.
Details of Quocirca's work and the services it offers can be found at http://www.quocirca.com
Disclaimer: This report has been written independently by Quocirca Ltd. During the preparation of this report, Quocirca may have used a number of sources for the information and views provided. Although Quocirca has attempted wherever possible to validate the information received from each vendor, Quocirca cannot be held responsible for any errors in information received in this manner.
Although Quocirca has taken what steps it can to ensure that the information provided in this report is true and reflects real market conditions, Quocirca cannot take any responsibility for the ultimate reliability of the details presented. Therefore, Quocirca expressly disclaims all warranties and claims as to the validity of the data presented here, including any and all consequential losses incurred by any organization or individual taking any action based on such data and advice.
All brand and product names are recognised and acknowledged as trademarks or service marks of their respective holders.
REPORT NOTE: This report has been written independently by Quocirca Ltd to provide an overview of the issues facing organizations when it comes to information security.
The report draws on Quocirca's extensive knowledge of the technology and business arenas, and provides advice on the approach that organizations should take to put in place more effective information security.