On Wednesday, the Ponemon Institute and Ounce Labs plan to publish the results of a study that looks at the value proposition of corporate data protection efforts within various business segments. The focus of the data is the perspectives between CEOs and other C-Level executives.
A new study looks at how data stolen internally at a business is used. (IMG:J.Anderson)
“In times of shrinking budgets, it is important for those individuals charged with managing a data protection program to understand how key decision makers in organizations perceive the importance of safeguarding sensitive and confidential information,” the report explained.
“In this study, we learned that C-Level executives believe good data protection practices can support important organizational goals such as compliance, reputation management, and customer trust. However, we also learned that the majority of respondents are not confident in their ability to safeguard sensitive and confidential information.”
C-Level executives are concerned about threats to sensitive and confidential data, the results show. Eighty-two percent of the C-Level executives surveyed said that their organizations had experienced a data breach, and many of them are positive they cannot prevent a repeat performance. Ninety-four percent of those who admitted to a data breach said that it was within the last six months.
Those high numbers, shocking and oddly not all that surprising at the same time, are nothing when you follow it with the fact that 85-percent of those who are said to be in charge of data protection, commonly considered the CIO, don’t believe that a failure to stop a data breach would impact their job. In survey speak, that means that most of those who are charged with guarding data have no fears about instantly becoming jobless if they fail at their tasks.
In truth, the results show that there is no clear accountability at any level. Most want to point the blame at someone else when the worst happens. For example, 53-percent of the CEOs surveyed said that the CIO is responsible for data protection, yet only 24-percent of the other C-Levels would point to the CIO as the one responsible for the data protection overall.
There are other glairing disconnects between the CEO and the other C-Level executives. For example, most CEOs underestimate risk. Forty-eight percent of the CEOs surveyed said they believe their organizations are rarely attacked. Despite the fact that 51-percent of businesses surveyed are attacked on a daily or hourly basis.
Overall, Ounce Labs says, the security disconnects between CEOs and other C-Levels put businesses and consumers at risk. While true, the real scope of the damage is slightly skewed. This is because the sample size used in the survey is 213 executives, who answered yes to the question, “Does your organization have a data protection and privacy program or initiative?” By design, C-level respondents who were not CEOs were no more than two steps away from the CEO or Chairman level in their organizations.
Even with a small sample, the picture isn’t pretty, but a larger study should follow this one in the near future.
The report is due Wednesday and can be downloaded here.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story