A new survey by the Ponemon institute and sponsored by Informatica, revealed that three out of four businesses believe they would be unable to detect a data breach at any time, and just one in three say their organisation is very good to excellent at detecting and containing breaches.
More worryingly it seems that many businesses are choosing to cut costs rather than spend on security. Nearly half (49%) of respondents admitted to having experienced a breach in the past 12 months and believe it could have been avoided if certain processes and intelligent technologies had been in place.
An overwhelming majority (61%) listed customer data as the information that was most at risk, followed by business intelligence (32%) and the data contained within emails or attachments (29%).
Asked where their security worries lay, 59% say that they worry about mistakes from a temporary worker or contractor, up from 53% in 2014. Additionally, 52% fear third party or outsourcers’ management of data (including cloud)
The top data security solutions in place today include data classification, monitoring and discovery tools, with respondents believing that compliance and security could be improved through intelligent solutions, such as automated user access history with real-time monitoring (74%), policy workflow automation (74%) and automated data discovery/risk assessment (69%)
According to the study, automated solutions for discovering where sensitive data has proliferated and assessing the risk are believed to increase data security effectiveness. The study reveals that 66% of respondents believe such a solution would improve an organisation’s security posture.
“As the gap between believing in data security intelligence solutions and actually possessing them diminishes, so inevitably will the risk of data breaches,” said Dr. Larry Ponemon, Chairman and founder, Ponemon Institute. “Given the growing business and societal costs of breaches, and the runaway proliferation of sensitive data, organisations need to seriously consider adopting a data-centric security stance without delay. To do otherwise may soon be construed as negligence.”
The study follows on from the findings of the recent report on cloud security reported back in June Businesses are over-estimating the risk for data stored in the cloud.