IT Pros Say They Can't Stop Data BreachesBy Deborah Rothberg | Posted 2006-08-30 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Updated: Nearly two-thirds of respondents in a new study say they're ineffective in preventing data breaches.
In the wake of widely publicized security compromises at AOL and AT&T, a study released Aug. 28 by the Elk Rapids, Mich.-based privacy management research company Ponemon Institute finds that only 37 percent of IT professionals believe their company is effective at detecting data breaches.
Citing a lack of resources and high product costs as barriers to preventing data leakage, respondents were uncertain about their company's ability to discover breaches of confidential information. Only 43 percent believed that their company would detect a large breach (involving more than 10,000 customer records) more than 80 percent of the time. 17 percent of respondents felt their company would correctly detect a small data breach (involving less than 100 customer records) more than 80 percent of the time.
"We've gotten pretty good at protecting from spam and viruses. But, when you rob a bank, you go for the money, and that's the data. Companies are beginning to shift their priorities away from the perimeter and onto the information content," said Gordon Rapkin, president and CEO of Protegrity, a Stamford, Conn.-based provider of enterprise security management solutions.
Respondents viewed the loss or theft of customer or consumer data as the second most detrimental data breach, even if privacy laws required notification, diminishing brand, reputation and customer confidence, and making the incident a public event. The loss or theft of intellectual property came in first in terms of risk, reputations and cost to the organization.
Read the full story on eWEEK.com: IT Pros Say They Can't Stop Data Breaches