RSA: A Forrester paper commissioned by Microsoft and RSA (the security division of EMC) claims that enterprises are too focused on compliance and not focused enough on protecting corporate secrets. Key findings include the following:
Secrets comprise two-thirds of the value of firms information portfolios.
Compliance, not security, drives security budgets.
Firms focus on preventing accidents, but theft is where the money is.
The more valuable a firms information, the more incidents it will have.
CISOs do not know how effective their security controls actually are.