McAfee: Database security threats motivating IT to do more

McAfee: Database security threats motivating IT to do more

Summary: McAfee releases findings from a survey of 400 IT decision-makers across nine countries on the challenges of risk and compliance management in business.

TOPICS: Security

More companies worldwide are apparently taking note that targeted cyber attacks are on the rise.

McAfee has published its second annual Risk and Compliance Outlook report, which pinpointed database security along with security information and event management as two of the top concerns for IT departments.

On security issues like bring-your-own-device (a.k.a. BYOD), there are plenty of reports and surveys that demonstrate that IT departments are nervous about this trend, but it's still questionable how much is actually being done to address it and meet employee needs better. That's either due to lack of awareness among employees and/or budget constraints, among other reasons.

However, McAfee found that IT departments are taking issues like database security more seriously because of an increase in highly publicized data breaches -- not to mention that a company's most vital and valuable information is usually stored in those databases.

Thus, McAfee revealed that 96 percent of organizations surveyed are allocating the same or more amount in their budgets for risk and compliance management this year. At least one third of them are planning to upgrade or install new software and appliances to meet their security needs.

For reference, the report is based on the responses from 438 IT decision makers, consultants and security analysts from companies with more than 250 worldwide employees in Australia, Brazil, Canada, France, Germany, New Zealand, Singapore, United Kingdom and United States.


Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It is surprising

    How many applications still use a single database user for the whole application.

    This is a security hole you can ride a coach and horses through because as soon as a hacker gets access at the database level they can do anything at all to the data.
    • What?

      Why would I have an application that uses more than one database, discounting the need for an analytics DB or some other odd requirement? Why would any site have multiple databases from a security standpoint?

      Security is about managing risk, not creating a Rube Goldberg device.
      Your Non Advocate
      • You misread my post

        What I mean is an application that uses a single database USER for all data access rather than having a database user for every real user and restricting access at the database level (which is the secure approach).

        The relationship between database and application is one to many, so putting security in an application makes no sense at all.