Two out of three IT pros don't comply with all data laws
According to a new study, 68 percent of IT professionals believe their organizations are failing to carry out all procedures in line with data protection laws.
The report from digital security specialist Gemalto also shows 65 percent of companies are unable to analyze all the data they collect and only just over half (54 percent) know where all of their sensitive data is stored.
The ability of business to analyze the data they collect varies worldwide with India (55 percent) and Australia (47 percent) best at using the data they collect. In fact, despite nine in 10 (89 percent) global organizations agreeing that analyzing data effectively gives them a competitive edge, only one in five Benelux (20 percent) and British (19 percent) companies are able to do so.
"If businesses can't analyze all of the data they collect, they can't understand the value of it -- and that means they won’t know how to apply the appropriate security controls to that data," says Jason Hart, vice president and CTO for Data Protection at Gemalto. "Whether it's selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. You only need to look at the recent hacks on the World Anti-Doping Agency and International Luge Federation to see the damage that can be done. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated."
When it comes to how data is being secured, the study found that almost half (48 percent) of IT professionals say perimeter security is effective at keeping unauthorized users out of their networks. This is despite the majority of IT professionals (68 percent) believing unauthorized users can access their corporate networks. However, once the hackers are inside, less than half of companies (43 percent) are extremely confident that their data would be secure. UK businesses are the most concerned with just 24 percent prepared to say they’re extremely confident, with Australia showing the highest confidence at 65 percent.
The study also shows a growing awareness of data breaches and communications around GDPR which has led to 90 percent of consumers believing that it is important for organizations to comply with data regulations. In fact, over half (54 percent) are now aware what encryption is, showing an understanding of how their data should be protected.
Hart concludes, "Organizations must realize that it's no longer a case of if, but when a breach occurs, and protect their most valuable asset -- data -- through encryption, two-factor authentication and key management, rather than solely focusing on perimeter protection."
You can find out more in the full report available from the Gemalto website.