Report: Less Budget, More Data LeaksReport: Less Budget, More Data Leaks
Budget constraints, social networks, and mobile devices take their toll as data leaks among U.S. enterprises multiply
August 11, 2009
Half of all organizations say tighter budgets have hurt their ability to protect the leakage of sensitive or confidential information during the past year, according to a new report.
The increasing number of layoffs overall, and of IT staff, specifically, are taking their toll on security, Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise" survey found. More than one-third (34 percent) of U.S. companies in the survey said they had suffered from the leakage of sensitive or embarrassing data in the past 12 months. Forty-three percent said they had investigated a suspected leak of sensitive data via email, and 34 percent had investigated a violation of data protection regulations or privacy in the past year.
More than one-third said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property during the past year.
"I was kind of surprised how many data breaches via email had been investigated. When that number is over 40 percent, that's really high. It is still the biggest risk area," says Keith Crosley, director of market development for Proofpoint. The report is based on data gathered from 220 email decision-makers at U.S. companies with more than 1,000 employees.
Interestingly, even with their dwindling man power, many organizations are cracking down more on data leakage violations than ever before. "Discipline and termination were pretty high this year," Crosley says.
More than 30 percent said in the past 12 months they had terminated an employee for violating the organization's email policies, and more than 50 percent had disciplined one for doing so. Crosley says it may be that for some organizations under the gun to trim their costs, violating policy is more likely to cost you your job than anything else. "If you need to reduce your staff, people who are violating corporate policies stand a higher chance of being terminated. There's a message here for employees: Be aware of your company's [security] policies," he says.
Social media sites like Facebook, Twitter, and YouTube also have businesses nervous about data leaks: Forty-two percent say they are very worried about data leaking via media-sharing sites. Nearly one in five companies have investigated sensitive data exposure via video or audio posted to a media-sharing site, 15 percent have disciplined an employee for violating online media-sharing policies, and 8 percent have fired one for it.
Nearly 20 percent have investigated data leaks via social networking sites, and 45 percent are concerned with data leakage via Facebook and LinkedIn. About 10 percent have disciplined an employee for an infraction here, while 8 percent have fired one for it. More than 40 percent worry about Twitter posts and SMS messages leaking data.
More than half worry about data leakage via email sent from mobile phones, and 22 percent have investigated a data leak via those devices.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023