Businesses Face Rising Challenges to Keep Data Secure: ReportBy Nathan Eddy | Posted 2011-06-09 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
The primary cause for data loss resulted from lost or stolen equipment, followed by network attacks, the survey found.
A report from Check Point Software and the Ponemon Institute, a privacy and information management research firm, revealed that 77 percent of organizations surveyed have experienced data loss in the last year. Key findings from the report, Understanding Security Complexity in 21st Century IT Environments, showed respondents cited customer information (52 percent) as the most common type of information compromised -- in addition to intellectual property (33 percent), employee information (31 percent) and corporate plans (16 percent).
With the adoption of Web 2.0 applications and more mobile devices connecting to the network, organizations are challenged with enforcing better data security and IT Governance, Risk and Compliance (GRC) requirements, the report noted. According to the survey of more than 2,400 IT security administrators, the primary cause for data loss resulted from lost or stolen equipment, followed by network attacks, insecure mobile devices, Web 2.0 and file-sharing applications and accidentally sending emails to the wrong recipient.
"With hundreds of data loss incidents every year -- both reported and unreported -- it's no surprise the issues with governance, risk and compliance are being magnified," said Larry Ponemon, chairman and founder, Ponemon Institute. "Data security in a modern day world means more than deploying a set of technologies to overcome these challenges. In fact, the lack of employee awareness is a primary cause in data loss incidents and is encouraging more businesses to educate their users about corporate policies in place."
In addition, approximately 49 percent of all respondents believe their employees have little or no awareness about data security, compliance and policies -- encouraging businesses to integrate more user awareness into their data protection strategies, as people are often the first line of defense. The Ponemon Institute independently conducted the survey in February, surveying IT security administrators located in the United States, U.K. France, Germany and Japan. The survey sample represents organizations of all sizes and across 14 different industries.
"We understand that data security and compliance are often at the top of the CISO's list. However, if you look at the drivers for data loss, the majority of incidents are unintentional," said Oded Gonda, vice president of network security products at Check Point Software. "In order to move data loss from detection to prevention, businesses should consider integrating more user awareness and establish the appropriate processes to gain more visibility and control of information assets."