A new survey was revealed on January 12 2011 by Cisco conducted by “InsightExpress of 500 information technology decision-makers to uncover and qualify current sentiment on PCI Data Security Standard (PCI DSS) five years after the standard emerged”. Now surveys are great barometers of what is happening beyond our own organization’s and I encourage everyone to check out the findings. As with all such research, be aware of statistical kung fu before running with these figures.
The link to the full release is here.
Two statistics that were of particular interest to me were:
- 70% of respondents believe they are more secure as a result of PCI DSS. This is intriguing as most professionals would state that PCI aspects should be “spokes in a greater wheel”, and not the whole program. Perhaps respondents felt at a macro level all boats (or needles if one is looking at a information security dashboard) rose with the tide.
- “57% of respondents were satisfied with their current virtualization security posture.” – To me this is striking that there is such a great deal of confidence around an area that has great complexity. This is also encouraging, in that such great focus and energy exists around virtualization that is being addressed at the proper levels.
As we draw closer to RSA, I suspect there will be a bounty of great papers and studies to be consumed. I will do my best to highlight those that were interesting.