Study: Personal Data Exposed Frequently
Eighty-five percent of privacy and security professionals say a reportable data breach occurred in their organizations in the last year
NEW YORK -- Personally identifiable information (PII) of customers and employees is being exposed -- frequently and repeatedly – potentially putting hundreds of thousands of individuals at risk and exposing organizations to increased liability, according to a new survey by Deloitte & Touche LLP (“Deloitte”) and the Ponemon Institute LLC.
A shocking 85 percent of privacy and security professionals in North America surveyed acknowledged having at least one reportable data breach of PII within their organizations during the last 12 months, according to the “Enterprise@Risk: 2007 Privacy & Data Protection Survey.” More alarming is the fact that 63 percent acknowledged multiple reportable data breaches occurred within their organizations during the same period. As a result, privacy and security professionals continue spending most of their privacy-focused time on incident response and relatively little time on more proactive activities, such as strategy, training and root cause analysis.
More than 800 North American privacy and security professionals responded to the online survey sponsored by Deloitte and the Ponemon Institute, which was conducted to better understand the emerging privacy function. The survey, now in its second year, analyzed the roles, activities and time allocation preferences of dedicated privacy and security professionals, as well as their organizational status and reporting relationships. Specifically, respondents were asked to describe actual versus “ideal” time spent on activities and requirements to effectively manage and protect personal data in the enterprise.
“Frankly, I’m shocked by the high percentage of PII data breaches we’re seeing occur within organizations. This survey provides insight into the scale of the problem and how enterprises are struggling to respond. It’s clear that both privacy and security professionals are caught in a reactive cycle, and they agree on the need to move to a more proactive stance,” said Rena Mears, Deloitte global and U.S. privacy and data protection leader.
Read more about:
2007About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024