No Silver Bullet Will Kill Cyber Security Threats (Fortune)


You want perfect data security? Dream on.

The need to protect corporate and personal information from unauthorized and possibly nefarious eyes was front and center this week at the MIT Sloan CIO Symposium in Cambridge, Mass.. But experts failed to agree about whether the forces of good are prevailing against the bad guys or even whether breaches are increasing—or are just more public than in the past.

There was consensus among C-level executives, however, that the hassle of complying with regulations actually diverts resources that could be better spent bolstering security.

Regulations with a security component include broad measures like the Sarbanes-Oxley Act governing corporate financial disclosures and Payment Card Industry rules for credit card transactions. But there are also a raft of mandates targeting specific industries. Examples include the Health Insurance Portability and Accountability Act or HIPAA covering health and medical information and the Federal Information Security Management Act that protects federal data and assets from “man-made threats.”