Executive Briefings

Survey: Many Companies Unable to Notify Users of Data Breach

Nearly half of IT and compliance professionals said in a recent survey that their organizations are doing an inadequate job of lowering the rate of data loss. The survey of more than 1,000 IT and compliance practitioners also showed that 45 percent said that if they were hit by a data breach, they don't believe they would be able to notify users and customers, according to researchers at the Ponemon Institute. The same IT managers added that their companies lack the necessary security tools or internal controls to prevent, detect, and correct data security breaches. The study was commissioned by Oracle.
The findings have "disturbing implications" for any company dealing with information stores, according to the study. "It suggests that the IT and compliance practitioners who are required to deal with IT security and privacy issues see the potential for catastrophic data loss," researchers reported. "They also believe that their organizations are grossly inadequate in curbing this potential risk."
The IT managers, who included IT security professionals, interviewed for the survey also said they are much more pessimistic about their organization's ability to detect and control data risks than their compliance counterparts, Ponemon reported. Only 33 percent of the compliance group said they are vulnerable to data breaches compared with 42 percent of the IT group.
Both groups, though, told Ponemon that the situation is only going to get worse in the next 12 to 18 months.
Source: Information Week, http://www.informationweek.com

Nearly half of IT and compliance professionals said in a recent survey that their organizations are doing an inadequate job of lowering the rate of data loss. The survey of more than 1,000 IT and compliance practitioners also showed that 45 percent said that if they were hit by a data breach, they don't believe they would be able to notify users and customers, according to researchers at the Ponemon Institute. The same IT managers added that their companies lack the necessary security tools or internal controls to prevent, detect, and correct data security breaches. The study was commissioned by Oracle.
The findings have "disturbing implications" for any company dealing with information stores, according to the study. "It suggests that the IT and compliance practitioners who are required to deal with IT security and privacy issues see the potential for catastrophic data loss," researchers reported. "They also believe that their organizations are grossly inadequate in curbing this potential risk."
The IT managers, who included IT security professionals, interviewed for the survey also said they are much more pessimistic about their organization's ability to detect and control data risks than their compliance counterparts, Ponemon reported. Only 33 percent of the compliance group said they are vulnerable to data breaches compared with 42 percent of the IT group.
Both groups, though, told Ponemon that the situation is only going to get worse in the next 12 to 18 months.
Source: Information Week, http://www.informationweek.com