Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

8/10/2009
03:26 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Report: Less Budget, More Data Leaks

Budget constraints, social networks, and mobile devices take their toll as data leaks among U.S. enterprises multiply

Half of all organizations say tighter budgets have hurt their ability to protect the leakage of sensitive or confidential information during the past year, according to a new report.

The increasing number of layoffs overall, and of IT staff, specifically, are taking their toll on security, Proofpoint's "Outbound Email and Data Loss Prevention in Today's Enterprise" survey found. More than one-third (34 percent) of U.S. companies in the survey said they had suffered from the leakage of sensitive or embarrassing data in the past 12 months. Forty-three percent said they had investigated a suspected leak of sensitive data via email, and 34 percent had investigated a violation of data protection regulations or privacy in the past year.

More than one-third said customer data was exposed or stolen, and 28 percent said they had been hit by exposure or theft of their intellectual property during the past year.

"I was kind of surprised how many data breaches via email had been investigated. When that number is over 40 percent, that's really high. It is still the biggest risk area," says Keith Crosley, director of market development for Proofpoint. The report is based on data gathered from 220 email decision-makers at U.S. companies with more than 1,000 employees.

Interestingly, even with their dwindling man power, many organizations are cracking down more on data leakage violations than ever before. "Discipline and termination were pretty high this year," Crosley says.

More than 30 percent said in the past 12 months they had terminated an employee for violating the organization's email policies, and more than 50 percent had disciplined one for doing so. Crosley says it may be that for some organizations under the gun to trim their costs, violating policy is more likely to cost you your job than anything else. "If you need to reduce your staff, people who are violating corporate policies stand a higher chance of being terminated. There's a message here for employees: Be aware of your company's [security] policies," he says.

Social media sites like Facebook, Twitter, and YouTube also have businesses nervous about data leaks: Forty-two percent say they are very worried about data leaking via media-sharing sites. Nearly one in five companies have investigated sensitive data exposure via video or audio posted to a media-sharing site, 15 percent have disciplined an employee for violating online media-sharing policies, and 8 percent have fired one for it.

Nearly 20 percent have investigated data leaks via social networking sites, and 45 percent are concerned with data leakage via Facebook and LinkedIn. About 10 percent have disciplined an employee for an infraction here, while 8 percent have fired one for it. More than 40 percent worry about Twitter posts and SMS messages leaking data.

More than half worry about data leakage via email sent from mobile phones, and 22 percent have investigated a data leak via those devices.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer,  10/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8216
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
CVE-2019-8217
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8218
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .
CVE-2019-8219
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8220
PUBLISHED: 2019-10-17
Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .