In the second annual survey of 175 IT and information security professionals from North American enterprises with 1,000 or more employees, 40 percent said most of their data is adequately secured and 11 percent said some confidential data is secured. Two percent of respondents said most confidential data is not secured and another two percent said they did not know.
The remaining 40 percent of respondents said they believe that all of their organization's confidential data is adequately protected.In addition, fewer than half of respondents believed that their existing database security controls provide adequate protection for all databases that contain confidential data, according to the survey, released Tuesday. Many organizations have trouble securing databases due to budget constraints and a lack of resources, Thom VanHorn, vice president of global marketing at Application Security, told SCMagazineUS.com on Tuesday.
“We are still kind of in a crisis state when it comes to database security,” VanHorn said.
Recently, a database of the Springfield, Massachusetts-based insurance provider Mass Mutual was accessed by an individual without authorization, potentially exposing the personal information of an unknown number of employees.The ESG survey also found that just 37 percent of respondents believe they can meet regulatory compliance requirements and ensure the security of confidential or sensitive information at all times. In addition, nearly 30 percent of organizations surveyed said they have failed a data security compliance audit in this past three years.