Companies still fear data breaches
Data breaches are still top of the list of issues companies are worried about in terms of IT security, according to a new report.
The 2014 State of Risk Report from Trustwave surveyed 476 information technology and security professionals located in more than 50 countries and found that four-fifths (81 per cent) of businesses now store and process financial data. Furthermore, 71 per cent keep intellectual property and 47 per cent store payment card data.
Michael Aminzade, vice-president of global compliance and risk services at Trustwave, stated that enterprises must look at security as a business-as-usual imperative.
He said: "Understanding their risk level is the first step. By identifying their largest security shortfalls and rectifying them, businesses can stay ahead of the criminals and decrease their risk of getting breached."
Awareness of where their data is held is a problem for a lot of companies, with the Trustwave research finding that a third (33 per cent) of businesses have not commissioned a risk assessment to identify where their valuable data is held and what controls - if there are any at all - are in place to protect it.
Adoption of the cloud has caused many data security issues and companies that do not have a solid plan to keep data safe and secure are at risk of being targeted by hacking attacks.
More than half (58 per cent) of businesses taking part in the 2014 State of Risk Report revealed that they use third parties to manage sensitive data. Despite this, almost half (48 per cent) do not have a third party management program in place.
Patch management programs are a further problem for enterprise users, with 12 per cent having no patch management process in place at all.
Over a fifth (21 per cent) of respondents admitted that they never perform security awareness training, while 23 per cent said they do not have security planning meetings and 24 per cent revealed their employees do not have to read and sign their information security policy.
Businesses looking to move services into the cloud should evaluate the performance of their existing network and consider setting up a leased line or MPLS network.
