I've come across many security stats in the course of blogging for a data encryption company. And, I'm often reminded of Mark Twain's observation (attributed to Disraeli), "there are lies, damn lies, and statistics," such as in the following case. According to a zdnet.co.uk article, a little under 50% of all UK firms know whether they've had an information security breach in the past year or not. Chinese firms in a similar position only number at 7%. That's right. Seven percent. In other words, UK companies are seven times more likely to not know what the heck's going on. With the alarm raised, the article goes further into the why of the situation.
I've come across many security stats in the course of blogging for a data encryption company. And, I'm often reminded of Mark Twain's observation (attributed to Disraeli), "there are lies, damn lies, and statistics," such as in the following case.
According to a zdnet.co.uk article, a little under 50% of all UK firms know whether they've had an information security breach in the past year or not. Chinese firms in a similar position only number at 7%. That's right. Seven percent. In other words, UK companies are seven times more likely to not know what the heck's going on.
With the alarm raised, the article goes further into the why of the situation.
Maybe it's just me, but my initial reaction was to jump to conclusions, and took it to mean that Chinese firms are that much more data-security oriented. It just doesn't sound right. I mean, aren't these the guys that have sold lead-traced trinkets and melamine-tainted milk and pet food, causing problems worldwide? (And that's not even hyperbole. It really was a global problem.) But, a handle on data security--something that so many countries have failed at--that they a grip on.
The problem with the stat, of course, is that it does not mean that only 7% of Chinese firms have experienced a data breach. It could well be that 100% of Chinese firms experienced breaches; it's only that 7% of them don't know about it, with the remaining 93% knowing and shrugging their shoulders, "so what?" It could also be that of many of these firms are, for the lack of a better word, lying. Not that I enjoy stereotyping an entire nation--one so large that Chinese is generally listed to be the most used language in the world. What I am saying, though, is that if some guy comes around asking about my security practices, I'll say "yes, we know what's going on." Why would I go around telling otherwise to a perfect stranger? In fact, I'm surprised by the UK responders. Of course, the rest of the article's observations still stand, and others as well, such as the need for encryption software.
The problem with the stat, of course, is that it does not mean that only 7% of Chinese firms have experienced a data breach. It could well be that 100% of Chinese firms experienced breaches; it's only that 7% of them don't know about it, with the remaining 93% knowing and shrugging their shoulders, "so what?"
It could also be that of many of these firms are, for the lack of a better word, lying. Not that I enjoy stereotyping an entire nation--one so large that Chinese is generally listed to be the most used language in the world.
What I am saying, though, is that if some guy comes around asking about my security practices, I'll say "yes, we know what's going on." Why would I go around telling otherwise to a perfect stranger? In fact, I'm surprised by the UK responders.
Of course, the rest of the article's observations still stand, and others as well, such as the need for encryption software.
Related Articles and Sites:http://news.zdnet.co.uk/security/0,1000000189,39809565,00.htmhttp://www2.ignatius.edu/faculty/turner/languages.htm