Quocirca just released "Room for Improvement," its latest research into data protection efforts amongst enterprises in the UK. Perhaps the most significant finding from Quocirca was that only 29% of the organizations surveyed were very confident in the security of their data – a number that is without a doubt reflective of the current state of cyber threats and data breaches making headlines.
Beyond gauging businesses’ confidence levels in their security programs, the research also examined the potential causes for this lack of security confidence as well as the factors driving higher levels of confidence at some businesses. Ultimately, Quocirca identified three factors that combine to instill higher degrees of confidence in data security measures: employee education, adoption of data security technology, and coordinated security policies.
Employee Education Drives Security Confidence
It’s no surprise that employee education is a major contributor to any organization’s security posture. More surprising was Quocirca’s finding that lack of security education wasn’t just limited to non-security personnel:
- 39% of respondents did not feel that their security team was ‘highly knowledgeable’ on the topic of data protection, rising to 77% amongst the general IT team
- 36% of respondents rated senior management as ‘unknowledgeable’, rising to 47% amongst employees in general
Security Confidence is Diminished when Organizations Fail to Adopt Adequate Security Solutions
The research also found that while many companies had adopted traditional security technologies such as web and email filtering, most had failed to adopt advanced data security solutions:
- 64% have no digital rights management
- 60% do not monitor user behavior
- 51% do not deploy next generation firewalls
- 48% have no data scanning or classification of data
- 47% have no data loss prevention technology in place
Confidence Improves when Organizations Enact Coordinated Data Security and Incident Response Policies
Finally, the organizations that reported the highest levels of confidence in their data security measures were those that combined user education with adequate data security technologies in coordinated policies for data security and incident response. Among Quocirca’s key findings:
- Businesses with a coordinated response policy were more than twice as likely to be ‘very confident’ about defending data against the accidental actions of employees, compared with those with a more fragmented approach (34% vs 15% respectively)
- When looking at more malicious data breaches, those with a coordinated approach were three times as likely to be ‘very confident’ about defending data against criminal hackers (31% vs 9% respectively)
While Quocirca’s “crisis of confidence” amongst UK security teams may be concerning, organizations that successfully address these three factors can take confidence that their security measures are robust enough to keep their data safe and respond correctly when it is put at risk. Download Quocirca’s "Room for Improvement" report to learn more.
Digital Guardian MSP Technical Overview
Get the details on how our security experts work to secure your sensitive data, so you can focus on your business.
Related ArticlesFriday Five: 8/10 Edition
A vulnerability in WhatsApp, data leaking flaws on Comcast's website, and more -- catch up with the week's infosec news with this roundup!Law Firms: Cyber Criminals’ Next Top Target?
Without breach notification requirements in place, it can be hard to gauge the popularity of law firms as targets for cyber criminals. But if recent findings are any indication, the legal industry may well be the next lowest hanging fruit for attackers.Happy Data Privacy Day 2018!
Guess the value of your data on the dark web, get tips to protect your data, and more as we celebrate Data Privacy Day 2018.