RSS Alerts

Related Links

Related Stories

  • Learn about information security and USB devices
    Lumension looks at the information security risks with USB devices – and how to overcome them – in its latest white paper Portable Panic: Evolution of USB Insecurity.
  • Lumension survey predicts ITsec trends for 2009
    End of year research commissioned by enterprise endpoint security specialist Lumension has found that outsourcing is likely to be a major IT security talking point in 2009.
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • Keeping sensitive information secure when staff is leaving
    Career loyalty is an endangered creature. Unlike our predecessors, today’s workforce is unlikely to stay committed to a job for five years, let alone their entire lives. But with such a fluid stream of employees keeping human resources busy, and countless eyes being cast over company data, Rob Stringer investigates how sensitive information can stay faithful to its organisation, even if its staff don’t...
  • Comment: Securing web 2.0 in the workplace
    Simon Morris, research and development director at Pentura looks at how the adoption of web 2.0 makes the job of keeping email and the web free from attacks, malware and spam even more difficult. Yet, simply closing access to unapproved tools can be short sighted as unhappy employees drift to rival businesses with more enlightened policies

News

Report suggests discrepancy between reported and actual data loss incidents

20 November 2009

A study released by the Ponemon Institute suggests that the number of reported data loss incidents in the UK is significantly higher than 415 reported to the Information Commissioners' Office.

According to the Ponemon report, which was sponsored by Lumension, six out of 10 UK companies have data loss including sensitive information as a result of negligent employees, whilst 28% have experienced data loss of sensitive information held by a third party or cloud computing provider.

Three in 10 of the 754 UK respondents to the `State of the End Point' study, meanwhile have experienced data loss through malicious theft of sensitive data by employees.

The institute said that the extent of data loss is unsurprising when 76% of UK employees said they can email data out of their organisation without any trace and 70% claim they can download data onto a USB stick without detection.

Delving into the report reveals that businesses have blamed their inability to cope with data loss on a lack of internal IT skills and the difficulty in managing multiple new security technologies at any one time.

Interestingly, UK security professionals are running an average of 3.7 software agents on each of their devices to cope with a mobile workforce, facilitate cloud computing and accommodate Web 2.0 platforms, the report said.

The report also revealed that businesses have suffered from a multitude of data security breaches in the last twelve months with 84% of UK organisations suffering from computer viruses or malware network intrusions, and 52% target of a botnet attack.

Commenting on the report's findings, Alan Bentley, senior vice president of international for Lumension, said that businesses need to manage multiple security technologies to prevent data loss - sensitive data from walking out the door - and malware from coming in.

"This dual threat is proving difficult for most organisations, which are struggling with a lack of skills, budgetary constraints and the growing complexity of endpoint technologies that they need to run in order to reduce their risk at the endpoint", he said.

"For organisations to get a clear view on where their data lives and is accessed and what threats they are being subjected to, they must bring the different security technologies together onto one endpoint management platform", he added.

"Organisations need to integrate technologies with people, process, and policies to truly reduce complexity and costs while proactively defending against the latest data and malware threats."

 

This article is featured in:
Data Loss Internet and Network Security Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water