For data security, 2015 is predicted to be as bad or worse as 2014, as more sensitive and confidential information and transactions are moved to the digital space and become vulnerable to attack, according to The Ponemon Institute’s study 2014: A Year of Mega Breaches.
The study, sponsored by Identity Finder, shows that the Target data breach and other massive data losses raised senior managements’ level of concern about how cyber crimes might impact their organizations. Before the Target breach, only 13 percent of survey respondents believed senior management was extremely concerned about data breaches. Afterward, 55 percent of respondents rated management’s concern level as extremely high. In response, many companies have allocated more resources to preventing, detecting and resolving data breaches. Sixty-one percent of survey respondents say the budget for security was increased by an average of 34 percent.
More companies are gaining buy-in and budget support from the C-Suite to prevent, detect, contain and minimize breaches, as well as investigate afterward. Sixty-seven percent of respondents say their organization made sure the IT function had the budget necessary to defend the enterprise from data breaches.
A further 60 percent say they made changes to operations and compliance processes to establish incident response teams, conduct training, and use data security effectiveness measures.
However, the study says, 65 percent of respondents reported that attacks evaded existing preventative security controls, and 46 percent say breaches were discovered by accident. Companies that were confident of understanding the root cause of data breaches had incident response teams, security management tools, and a security consultant in place to help determine the cause.