Most security pros don't think a breach will happen to them

New findings from a Tenable Network Security study have uncovered an "It Won’t Happen to Me" mentality amongst security professionals.

According to the study, more than 90 percent of attendees surveyed at the 2011 Gartner Security & Risk Management Summit discussed large-scale, high-profile breaches like RSA, Citigroup and Sony with senior management, yet only 23 percent did anything beyond that.

"It would be impossible and impractical to make changes, updates or company-wide announcements for every data breach reported," said Ron Gula, CEO and CTO at Tenable Network Security. "But with record-breaking exposures like what we’ve seen this year, there’s an opportunity for us to learn and to educate employees about the implications of a security breach and reinforce existing policies and information security practices. This is also a clear sign that the majority of security pro’s have been getting by on ‘just good enough’ security practices that help them pass an audit, but don’t truly secure their business."