10 numbers that show companies are not protecting their data enough

by bold-lichterman

After Mark Zuckerberg, victim of a password hack earlier this week, the social network Twitter was the target of data theft, having 32 million passwords stolen, according to Techcrunch. We also remember that last February, an American hospital was targeted by a “RansomWare” type attack. Hackers who encrypted key healthcare facility data demanded a multi-million dollar ransom to decrypt it.

Globally, 3.9 billion pieces of data have been stolen since 2013, according to the latest Data Security Confidence Index by Gemalto published this Wednesday June 8.

Faced with these new kinds of threats, companies do not seem to adopt appropriate security strategies, according to the authors of the study.

The importance of protecting data underestimated

  • 69% of IT managers interviewed as part of the study doubt their organization’s ability to protect its data in the event of an intrusion into its security perimeter (they were only 54% in 2014).

  • First surprise of the study: 66% of respondents believe that unauthorized users have access to their network. They are 16% to say that these users even have access to all of their data.

  • Asked about the question, more than 10% of IT managers respondents state that as customers, they would not entrust their personal data to the organization they work for.

  • Asked about the security systems put in place within their company, 82% of respondents cite data security solutions, and 81% of network security solutions. They are only 66% to mention identity checks and access controls.

  • While 86% of respondents believe that they have significantly increased their spending on securing their network, they are more than a quarter (27%) to report having had a security breach in the past 12 months (i.e. a proportion equivalent to that of 2015, where they were 30%).

  • Among the main threats facing companies, we note malware (21% of attacks), viruses (at 20%) and RansomWeb attacks (also at 20%).

  • 82% of respondents declare to devote between 5 and 10% of their budget security in the purchase, deployment and maintenance of their network.

  • Second surprise of the study: if they had to eliminate an expenditure item from their security budget, they are more than a third (34%) to choose data protection, and 30% to choose the detection of anomalies.

  • 78% of IT managers questioned declare that they had to change their security strategy in 2016, due to a security breach. They were only 53% in 2014.

  • 92% of companies who have experienced a security breach in the past five years claim to have observed commercial consequences (delay in product development at 36%, bad press at 30%, drop in customer confidence to 26%). They also saw their costs increase by $ 1.1 million, according to the study’s authors.

The authors of the study therefore recommend that IT managers accept the security flaws in their organization, and focus on protecting their data and their users.

** Methodology: 1,100 IT managers were interviewed by Gemalto, all over the world (United States, United Kingdom, France, Germany, Russia, India, Japan, Australia, Brazil, Benelux and Middle East). Respondents work in different sectors of activity (industry, health, financial services, government, telecommunications, retail, etc.).