Report: Organizations recognize security risks, slow to take action

Share this article:
Report: Organizations recognize security risks, slow to take action
A recent study has found a significant gap between perceived risk and the actual safeguarding of sensitive data.

Businesses continue to struggle to prioritize safeguarding confidential data despite with 72 percent having suffered a data breach over the last year, according to a recent report.

Even though significant breaches at Target and other companies have shown just how devastating a breach can be, companies have been slow to adopt appropriate safety measures — only 51 percent of 1,587 IT executives surveyed by the Ponemon Institute for “The State of Data Centric Security,” gave high priority status to securing confidential data.

The gap between perceived risk and extant practice is surprising, Larry Ponemon, chairman and founder of the Ponemon Institute, said in a Wednesday email correspondence with SCMagazine.com, especially considering more than half, 58 percent, said the breaches their companies suffered could have been avoided.

While 79 percent understand that their companies are at serious risk when they do not where sensitive and confidential data is located — 59 percent of the retailers surveyed said that “keeps me up at night”
— many face challenges that prevent them from implementing security measures.

“Most respondents recognize the very significant business risk facing their organizations as a result of insecure data assets,” Ponemon said. “Despite this recognition, many respondents acknowledge they do not have the people, process and technology to curtail this serious risk.”

In fact, respondents indicated that they are feeling the sting of limited resources and skillsets. The report, sponsored by Informatica, found that 57 percent would like to have more skilled security professionals on staff. 

The skyrocketing volume of data alone continues to pose problems.

“The increase in data from all sources increases the risk of data breach and other privacy-related snafus for organizations,” said Ponemon. “Mobile devices, mobile workforce and employees' use of insecure cloud apps further exacerbate this risk.”

Ponemon advocates a data-centric approach to security, which, he said, establishes “a holistic framework that helps organizations cope with massive increases in both structured and unstructured data.”

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

EU conducts massive cyberattack simulation on critical networks

Conducted by the European Union Agency for Network and Information Security, the simulation launched 2,000 attacks on the networks of various critical infrastructure organizations.

FilmOn accuses DoubleVerify of distributing malware

In readying a libel suit against DoubleVerify, FilmOn says it discovered that the firm deliberately distributed malware.

Schumer: Feds should do 'top to bottom' probe of online drug marketplaces

Sen. Charles Schumer of New York has called on federal law enforcement officials to stop "copy cat websites."