Quocirca just released "Room for Improvement," its latest research into data protection efforts amongst enterprises in the UK. Perhaps the most significant finding from Quocirca was that only 29% of the organizations surveyed were very confident in the security of their data – a number that is without a doubt reflective of the current state of cyber threats and data breaches making headlines.
Beyond gauging businesses’ confidence levels in their security programs, the research also examined the potential causes for this lack of security confidence as well as the factors driving higher levels of confidence at some businesses. Ultimately, Quocirca identified three factors that combine to instill higher degrees of confidence in data security measures: employee education, adoption of data security technology, and coordinated security policies.
Employee Education Drives Security Confidence
It’s no surprise that employee education is a major contributor to any organization’s security posture. More surprising was Quocirca’s finding that lack of security education wasn’t just limited to non-security personnel:
- 39% of respondents did not feel that their security team was ‘highly knowledgeable’ on the topic of data protection, rising to 77% amongst the general IT team
- 36% of respondents rated senior management as ‘unknowledgeable’, rising to 47% amongst employees in general
Security Confidence is Diminished when Organizations Fail to Adopt Adequate Security Solutions
The research also found that while many companies had adopted traditional security technologies such as web and email filtering, most had failed to adopt advanced data security solutions:
- 64% have no digital rights management
- 60% do not monitor user behavior
- 51% do not deploy next generation firewalls
- 48% have no data scanning or classification of data
- 47% have no data loss prevention technology in place
Confidence Improves when Organizations Enact Coordinated Data Security and Incident Response Policies
Finally, the organizations that reported the highest levels of confidence in their data security measures were those that combined user education with adequate data security technologies in coordinated policies for data security and incident response. Among Quocirca’s key findings:
- Businesses with a coordinated response policy were more than twice as likely to be ‘very confident’ about defending data against the accidental actions of employees, compared with those with a more fragmented approach (34% vs 15% respectively)
- When looking at more malicious data breaches, those with a coordinated approach were three times as likely to be ‘very confident’ about defending data against criminal hackers (31% vs 9% respectively)
While Quocirca’s “crisis of confidence” amongst UK security teams may be concerning, organizations that successfully address these three factors can take confidence that their security measures are robust enough to keep their data safe and respond correctly when it is put at risk. Download Quocirca’s "Room for Improvement" report to learn more.
Digital Guardian MSP Datasheet
Get the details on how our security experts work to secure your sensitive data, so you can focus on your business.
Related ArticlesWindows Server 2003: The Time to Act is Now
With the end of Windows Server 2003 support fast approaching, companies must act now to migrate systems where possible and secure legacy systems.5 Tips for Protecting Sensitive Data at the Law Firm
Recent highly publicized cyber attacks at large law firms such as Mossack Fonseca, Cravath, and Weil Gotschal have made apparent the widespread shortcomings in security safeguards in the legal industry. Here are 5 tips on how law firms can address these concerns and protect sensitive data.3 Effective Ways to Prevent Security Leaks in Your Company
Follow this three-pronged approach to protect your data against loss or unwanted access.