Follow the government's lead on security

Sometimes the government has to get it right. And one way for a company to get it right is to follow government regulations on security. A new report finds that a company's ability to protect sensitive data is helped by keeping an eye on how the government adds an extra layer of security protection. The report by the IT Policy Compliance Group, a Cleveland-based research firm, finds that companies that follow the regulations for compliance also do better on protecting their own security. "The results were definitely surprising," said Jim Hurley, the research firm's managing editor. "Until last year there was nothing in the quarterly data we collected to suggest such a relationship existed."

But an analysis of two years worth of data found a strong relationship between compliance success and data protection. The study was based on data collected from 2,000 companies and on publicly reported data losses and thefts. It found that companies with two or fewer compliance deficiencies annually are likely to have two or fewer data losses or thefts in the same time period. At the same time, companies that have 10 or more deficiencies in a year are likely to find themselves experiencing a data loss more than a dozen times during the year. It may be tough to follow the lead of someone else, but the outcome provides a good reason to do it.

For tips on reaching security nirvana:
- Take a look at this CIOInsight Article