More than 50 percent of data breaches are never reported by the companies or enterprises that experience them, according to a recently released report.
Researchers who conducted a survey of security analysts concluded that breaches may be actually more widespread than previously thought, with 57 percent of respondents revealing that they had uncovered vulnerabilities that were either not reported or, more often than not, were deemed not important enough to fix.
According to ZDNet.com, 200 professionals were interviewed by Opinion Matters in October, with the authors of the report noting that 66 percent of analysts working with enterprises with 500 or more employees were more likely to keep data breaches to themselves, with the consensus being that protecting the reputation of the brand was a driving factor. The survey also showed that 67 percent of senior security decision makers see frequency of potential attacks as an ongoing problem, while 58 percent cited an ineffectiveness in current cyber-based solutions as a cause for concern.
Security compliance is one of the major issues facing IT today, with the physical aspect of a potential breach often overlooked by the more high-profile nature of the cyber version. Data has become a valuable commodity in a number of industry sectors, and with the most common form of personal information for access control within an enterprise or organization still being an ID card, there is a demonstrated need for businesses to look at next-generation systems to reduce the risk of data breach.
Mitigating data breach risks
In fact, a reliance on tried-and-tested methods can lead to identity theft, with a recent study showing that 25 percent of people who had either their ID or credit cards stolen become victims of this form of fraud. According to Reuters, retailers remain the prime target for those with malicious intent, although the financial and health care sectors are increasingly being seen as a fertile environment for obtaining data of value.
"Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses," said Al Pascual, Senior Analyst of Security, Risk and Fraud at Javelin Strategy & Research, and lead author of the report.
With that in mind, the report recommends that enterprises need to be carrying out ongoing risk assessments of their current data center security mechanisms, with businesses identifying exactly where that information could be at risk. At the same time, IT departments should make sure that non-tech staff are fully aware that handling sensitive information requires an adherence to internal security policies, thereby limiting the potential for breaches.