Three Quarters of UK Businesses Not Confident of Detecting Data Breaches

Only about a quarter of UK businesses believe their organization could detect a data breach whenever it happens.

That’s the word from a survey from the Ponemon Institute that also found only a third say their organization is “very good to excellent” at detecting and containing breaches. Meanwhile, nearly half (49%) of respondents admit to having experienced a breach in the past 12 months and believe it could have been avoided if certain processes and intelligent technologies had been in place.

The news comes as security concerns are escalating in the face of ever-proliferating digital data. Securing and protecting sensitive and confidential data is a high priority for 56% of respondents—and an overwhelming majority (61%) listed customer data as the information most at risk. That was followed by business intelligence (32%) and the data contained within emails or attachments (29%).

As for where the risk lies, a full 59% say that they worry about mistakes from a temporary worker or contractor, up from 53% in 2014. Additionally, 52% fear third-party or outsourcers’ management of data (including cloud services).

Still, prevention technologies are not widely deployed. Most respondents said that they rely on data classification, monitoring and discovery tools, which aren’t cutting it. But, respondents said that compliance and security could be improved through as-yet-undeployed intelligent solutions, such as automated user access history with real-time monitoring (74%), policy workflow automation (74%) and automated data discovery/risk assessment (69%)

“As the gap between believing in data security intelligence solutions and actually possessing them diminishes, so inevitably will the risk of data breaches,” said Larry Ponemon, chairman and founder, Ponemon Institute. “Given the growing business and societal costs of breaches, and the runaway proliferation of sensitive data, organizations need to seriously consider adopting a data-centric security stance without delay. To do otherwise may soon be construed as negligence.”

According to the study, automated solutions for discovering where sensitive data has proliferated and assessing the risk are also believed to increase data security effectiveness, with 66% of respondents saying that this would improve an organization’s security posture.

“Security professionals can no longer do without a solution that provides visibility into where sensitive and confidential data resides, coupled with visibility into its risk,” said Amit Walia, executive vice president and chief product officer of Informatica, which sponsored the study. 

What’s Hot on Infosecurity Magazine?