|
Datamonitor's global research into enterprises' experiences of data leakage highlights a problem that should be increasingly prevalent in IT decision making—a problem that impacts them through numerous channels and sources. Perhaps most significantly, it is a problem that could lead to extremely serious financial consequences. Though most enterprises are aware of this, many appear to be complacent in the way that they are addressing the issue.
The study indicates that IT decision makers are far from confident about their ability to track data leakage: only six percent of enterprises are in a position to categorically state that they have not experienced any data loss in the last two years. Given this, Datamonitor sees data loss from the enterprise as a ubiquitous problem.
Respondents see the primary threat coming from inside rather than outside the organization, although the vast majority recognize that leakage occurs to some extent on both sides of the firewall. Malicious data loss represents an especially serious concern: the finding that 23 percent of all data loss is considered to be malicious is higher than Datamonitor anticipated, indicating the scale of the threat that enterprises face.
In terms of financial impact, the survey's findings are stark. Those enterprises that are able to provide an estimate believe that data leakage costs their organizations $1.82 million on average per year. The potential effect of a data breach is even more serious: 33 percent of respondents believe that a major breach could potentially put them out of business, while 70 percent believe that a major breach could seriously damage their company's brand.
With such potentially damaging consequences, it is surprising that so many enterprises have put so few practices in place to prevent data leakage. Clearly, enterprises' approach to data leakage is still far from reaching maturity. Enterprises must therefore engage with third-party specialists to ensure that both the correct security solutions, as well as effective policies and procedures, are put in place.
Data leakage. Just about everyone is aware of it, but is it the next wave of impending disaster that could sweep the global enterprise landscape? More than 60 percent of enterprises surveyed have experienced it within the last year, and 33 percent believe it could put them out of business. It has the potential to change the face of business and the global economy if it continues to go unchecked.
Loss of confidential company data has far-reaching ramifications that can potentially change the way business is done all over the world. The problem of data loss is growing exponentially. According to the Privacy Clearinghouse Web site, nearly 150 million records containing sensitive personal information have been involved in data breaches in the United States alone. Since 2004, there has been a 1700 percent increase in data loss incidents. In December 2006, the number of data loss incidents hit 100 million; by spring of 2007, the number grew to 150 million.
A large-scale data breach could be the next corporate scandal of the new century. Shortly after the turn of the century, the fraudulent financial practices of a handful of unscrupulous executives brought down some once-powerful companies. Their actions hurt not only themselves and the companies’ reputations, but also shareholders who suffered monetary losses and employees who lost their retirement savings and their jobs.
Today, there is regulatory legislation in place in the United States and around the world to prevent financial fraud and nondisclosure of accounting practices, including the U.S. Sarbanes-Oxley Act (SOX), signed into law on July 30, 2002. But are government and industry regulations enough?
Eight years into the 21st century, the spotlight has shifted away from the executive ranks, and a new threat has emerged. Today virtually anyone can be an intentional or unintentional perpetrator. A disgruntled employee who decides to leave the company can steal confidential data and sell it to a competitor for a hefty price. A well-intentioned CFO can have his laptop containing vital financial data stolen from his rental car at the airport. Or a conscientious HR manager decides to copy and paste sensitive information into a message she’s sending via her own webmail account, so that she can work on the material on her home computer over the weekend. No matter how data loss occurs, many individuals could be hurt as a result.
It is a watershed moment for large organizations all over the world. And with increasing pressure to stay compliant, they need to start taking proper precautions to prevent the floodgates from bursting.
|
