In today's headlines it was declared that the theft of millions of customers' credit card numbers from discount retail giant TJX was due to outdated security systems. The headline resonated with me so loudly, it was almost deafening. I could not help but think, "DUH."
We are in the final stages of writing our first Market IQ Report, on Content Security. Two of the more interesting findings in the report echo the headline. So I figured I would share a glimpse into them, given the relevancy to today's news. Survey findings seem to suggest that the revelation regarding TJX is not the exception, but the norm. Despite the availability of a host of technology solutions that keep pace with the technologies that enable content proliferation and creation, security remains the ugly setp child in most organizations.
When asked to identify where they believed content security was in its market adoption cycle, the great majority of respondents indicated "early majority." The market perception is that most companies have embraced security technologies and have updated their systems. Upon inspection of other survey data, however, we found that most organizations have not made investments in security. Indeed, individual responses indicated that content security, although recognized, typically is without a project owner, sponsor, clear budget and implementation time line. Organizations seems to be doing mush talking about security (including compliance and discovery), but are not taking much action. Reported uptake of technologies is very low, with the only somewhat exception being in traditional tools such as records and document management. Many organizations will probably find themseleves like TJX, concluding that breaches in content security were caused by "outdated systems". One has to ask, give all the attention on compliance, e-discovery and major security breaches of late, what will it take for organizations to take content security seriously, as a senior management issue, funded, sponsored and adequately addressed and updated. Does it take "getting caught", like TJX? One wonders what that company's plans for security are now.
Want to know more? Stay tuned. Details regarding the statistics quoted in this blog, and much more are forthcoming in the AIIM Market IQ on Content Security, due for publication to the AIIM site in less than 2 weeks.
