Palo Alto, Calif. - Nearly two-thirds of security executives believe they have no way to prevent a data breach, according to research by the Ponemon Institute, an Elk Rapids, Mich.-based privacy and information management research firm. What's more, most respondents believe their organizations lack the accountability and resources necessary to enforce data security policy compliance.The survey report – "National Survey on the Detection and Prevention of Data Breaches"was sponsored by Palo Alto, Calif.-based PortAuthority Technologies Inc. and examines the responses of 853 randomly selected, U.S.-based information security professionals to questions related to data protection and prevention within their organizations.

An analysis of the study suggests that, in spite of increased attention and intense media and public scrutiny, the state of data security within U.S. corporations remains a  serious challenge. Key findings of the study include:

  • 59% of companies surveyed believe they can effectively detect a data breach, but 63% believe they cannot prevent a data breach. High false positive rates of up to 35% affect an organization's ability to detect a breach.
  • 41% of companies surveyed do not believe they are effective at enforcing data security policy. The top reason given for failed enforcement is lack of resources.
  • Companies report a 68% probability of detecting a large data breach (more than 10,000 data files), while small data breaches (fewer than 100 files) are likely to be detected only 51% of the time.
  • 16% of companies surveyed believe they are invulnerable to a data breach.
  • Excessive cost was cited as the primary reason organizations do not use leak prevention technologies, with 35% stating that leak prevention technologies are too expensive.

"Our data show that, in spite of the increased attention being paid to the issue of data security, enormous gaps remain in corporate America's ability to effectively protect sensitive data, and that a lack of accountability as well as a dearth of resources dedicated to the problem are at the root of the problem," says Larry Ponemon, chairman and founder of the Ponemon Institute. "As we have shown in the past, the costs associated with a data breach can be steep, yet many companies have been slow to address this issue in a meaningful way. Based on our findings, we believe that establishing clear accountability, as well as investing in training and technology can help organizations best leverage their existing resources, close these gaps, and better protect information assets, including customer data and intellectual property." 
The survey report also provides insight related to data breach response; technologies, practices, and procedures used to detect and prevent data breaches; primary issues, challenges and possible impediments to effectively detecting and preventing data breaches; and enforcement of data protection policy.

Visit www.ponemon.org or www.portauthoritytech.com/breachsurvey for more survey results.

Source: PortAuthority Technologies Inc.

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access