Twitter chat: Top information security threats revealed

May #GRCchat participants share top information security threats and how to prevent data breaches caused by the biggest culprits: employees.

Before the 2013 ISSA International Conference, SearchCompliance Site Editor Ben Cole asked speaker and Providence Health & Services CISO Eric Cowperthwaite to explain the primary sources of top information security threats for modern organizations: "The reality today is the vast majority of employees have some way to be mobile, whether it's on laptops the company provides, or their smartphone, or logging in via VPN and computing from anywhere," Cowperthwaite said. "That's a huge area of concern."

During May's SearchCompliance #GRCchat, participants took to the Twitter-sphere to discuss the best methods for minimizing business ramifications of security breaches -- especially as employees are increasingly mobile. Tweet jam expert and former Federal Communications Commission CIO Robert Naylor chimed in throughout the Twitter discussion to share his perspective and offer advice:

Ben Cole agreed:

As big data, mobility, the cloud and innovative consumer technologies work their way into business processes, they cause a breadth of new security issues for IT professionals. Cole and #GRCchat participant Brian Fanzo sounded off:

Employees and internal customers play a chief role in data breach prevention, but simple, one-time training sessions won't remedy the issue.

SearchCompliance asked tweet jam participants to speak to this in the past. During our February #GRCchat, we asked, "What information management practices must be included in a mobile device policy to assure proper data security and to prevent breaches?" Tweet jammers suggested companies consider remote wipe control, info management policies for new tech, and frequent data confidentiality reminders for employees.

Robert Naylor's secret sauce? Creative -- and frequent -- training to prevent information security breaches:

Aside from educating employees on how to prevent security breaches, it is important that organizations -- especially those of enterprise capacity -- have leadership in place to enforce security programs and lead by example.

Join the discussion by adding your two cents here, or by using the #GRCchat hashtag on Twitter.

For more coverage of this month's #GRCchat, follow @ITCompliance on Twitter and read our recaps on developing a risk profile and preventing financial gaps. Our next tweet jam is scheduled for June 19 at 12 p.m. EST (topic TBA). We hope to "see" you there!

Dig Deeper on Risk management and compliance