Study: Personal Data Exposed Frequently

Eighty-five percent of privacy and security professionals say a reportable data breach occurred in their organizations in the last year

Dark Reading Staff, Dark Reading

December 11, 2007

2 Min Read

NEW YORK -- Personally identifiable information (PII) of customers and employees is being exposed -- frequently and repeatedly – potentially putting hundreds of thousands of individuals at risk and exposing organizations to increased liability, according to a new survey by Deloitte & Touche LLP (“Deloitte”) and the Ponemon Institute LLC.

A shocking 85 percent of privacy and security professionals in North America surveyed acknowledged having at least one reportable data breach of PII within their organizations during the last 12 months, according to the “Enterprise@Risk: 2007 Privacy & Data Protection Survey.” More alarming is the fact that 63 percent acknowledged multiple reportable data breaches occurred within their organizations during the same period. As a result, privacy and security professionals continue spending most of their privacy-focused time on incident response and relatively little time on more proactive activities, such as strategy, training and root cause analysis.

More than 800 North American privacy and security professionals responded to the online survey sponsored by Deloitte and the Ponemon Institute, which was conducted to better understand the emerging privacy function. The survey, now in its second year, analyzed the roles, activities and time allocation preferences of dedicated privacy and security professionals, as well as their organizational status and reporting relationships. Specifically, respondents were asked to describe actual versus “ideal” time spent on activities and requirements to effectively manage and protect personal data in the enterprise.

“Frankly, I’m shocked by the high percentage of PII data breaches we’re seeing occur within organizations. This survey provides insight into the scale of the problem and how enterprises are struggling to respond. It’s clear that both privacy and security professionals are caught in a reactive cycle, and they agree on the need to move to a more proactive stance,” said Rena Mears, Deloitte global and U.S. privacy and data protection leader.

Deloitte & Touche USA LLP

Read more about:

2007

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Empty hospital hallway
Cyberattacks & Data Breaches
Ascension Healthcare Suffers Major CyberattackAscension Healthcare Suffers Major Cyberattack
byNathan Eddy, Contributing Writer
May 10, 2024
3 Min Read
Black noodles with tomatoes on top
Cyberattacks & Data Breaches
500 Victims In, Black Basta Reinvents With Novel Vishing Strategy500 Victims In, Black Basta Reinvents With Novel Vishing Strategy
byNate Nelson, Contributing Writer
May 13, 2024
4 Min Read
Wireless Internet symbol on a cellphone being held in a hand
Endpoint Security
Flaw in Wi-Fi Standard Can Enable SSID Confusion AttacksFlaw in Wi-Fi Standard Can Enable SSID Confusion Attacks
byJai Vijayan, Contributing Writer
May 15, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events