IT Managers Say Risk Of Data Loss Is Bad And Getting Worse

Nearly half of IT and compliance professionals said in a recent survey that their organizations are doing an inadequate job of lowering the rate of data loss

The survey of more than 1,000 IT and compliance practitioners also showed that 45% said that if they were hit by a data breach, they don't believe they would be able to notify users and customers, according to researchers at the Ponemon Institute. The same IT managers added that their companies lack the necessary security tools or internal controls to prevent, detect, and correct data security breaches. The study was commissioned by Oracle.

The findings have "disturbing implications" for any company dealing with information stores, according to the study. "It suggests that the IT and compliance practitioners who are required to deal with IT security and privacy issues see the potential for catastrophic data loss," researchers reported. "They also believe that their organizations are grossly inadequate in curbing this potential risk."

The IT managers, who included IT security professionals, interviewed for the survey also said they are much more pessimistic about their organization's ability to detect and control data risks than their compliance counterparts, Ponemon reported. Only 33% of the compliance group said they are vulnerable to data breaches compared with 42% of the IT group.

Both groups, though, told Ponemon that the situation is only going to get worse in the next 12 to 18 months."Our research reveals a disturbing lack of confidence among both IT and compliance practitioners in the ability of their organizations to collect, use, and share sensitive information securely, and within the parameters of the law and corporate policy," said Larry Ponemon, chairman and founder of the Ponemon Institute, in a written statement. "The study also suggests that the IT and compliance practitioners who are required to deal with IT security and privacy issues see the potential for catastrophic data loss and believe that their organizations are inadequately equipped to curb this potential risk."

Wynn White, VP of security products at Oracle, also noted in a statement that security threats and compliance demands are a growing concern to IT administrators -- but not everyone has the same worries.

"The research conducted by the Ponemon Institute provides excellent insight into how different groups within organizations perceive their vulnerability to commonplace privacy and data security challenges," she added. "More importantly, it sheds light on the steps they are taking, or plan to take, to decrease risk and strengthen security."

Stories of data loss from government agencies and corporate enterprises continue to fill the headlines.

One-third of companies said in a recent poll that a major security breach could put their company out of business, according to a report from McAfee.The security company unveiled a study this past April showing that 33% of respondents said they believe a major data-loss incident involving accidental or malicious distribution of confidential data could put them out of business. The study, called Datagate, is based on a survey of more than 1,400 IT professionals at companies with at least 250 employees in the United States, the United Kingdom, France, Germany, and Australia.