Report: Less Budget, More Data Leaks

Budget constraints, social networks, and mobile devices take their toll as data leaks among U.S. enterprises multiply

Dark Reading Staff, Dark Reading

August 11, 2009

3 Min Read

Half of all organizations say tighter budgets have hurt their ability to protect the leakage of sensitive or confidential information during the past year, according to a new report.

The increasing number of layoffs overall, and of IT staff, specifically, are taking their toll on security, Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise" survey found. More than one-third (34 percent) of U.S. companies in the survey said they had suffered from the leakage of sensitive or embarrassing data in the past 12 months. Forty-three percent said they had investigated a suspected leak of sensitive data via email, and 34 percent had investigated a violation of data protection regulations or privacy in the past year.

More than one-third said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property during the past year.

"I was kind of surprised how many data breaches via email had been investigated. When that number is over 40 percent, that's really high. It is still the biggest risk area," says Keith Crosley, director of market development for Proofpoint. The report is based on data gathered from 220 email decision-makers at U.S. companies with more than 1,000 employees.

Interestingly, even with their dwindling man power, many organizations are cracking down more on data leakage violations than ever before. "Discipline and termination were pretty high this year," Crosley says.

More than 30 percent said in the past 12 months they had terminated an employee for violating the organization's email policies, and more than 50 percent had disciplined one for doing so. Crosley says it may be that for some organizations under the gun to trim their costs, violating policy is more likely to cost you your job than anything else. "If you need to reduce your staff, people who are violating corporate policies stand a higher chance of being terminated. There's a message here for employees: Be aware of your company's [security] policies," he says.

Social media sites like Facebook, Twitter, and YouTube also have businesses nervous about data leaks: Forty-two percent say they are very worried about data leaking via media-sharing sites. Nearly one in five companies have investigated sensitive data exposure via video or audio posted to a media-sharing site, 15 percent have disciplined an employee for violating online media-sharing policies, and 8 percent have fired one for it.

Nearly 20 percent have investigated data leaks via social networking sites, and 45 percent are concerned with data leakage via Facebook and LinkedIn. About 10 percent have disciplined an employee for an infraction here, while 8 percent have fired one for it. More than 40 percent worry about Twitter posts and SMS messages leaking data.

More than half worry about data leakage via email sent from mobile phones, and 22 percent have investigated a data leak via those devices.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights