UK businesses are unable to determine the risk to 58% of confidential data stored in the cloud.

Businesses are failing to identify sensitive or confidential information, which is partly due to only a quarter having a process in place for discovering this data in the cloud.

Things are not much better for confidential and sensitive data on premise, with just 45% having a common process in place related to this.

One of the biggest concerns created by the proliferation of data is knowing where the sensitive or confidential data resides, with 55% of IT and IT security practitioners highlighting this.

Organisations are finding themselves relying on automated solutions to help them discover the data and to assess the risk. On average 46% are using these tools for on premise but only 34% for data in the cloud.

Amit Walia, SVP, GM, Data Integration and Security, Informatica, said: "As the research shows, the majority of organisations do not have a handle on their sensitive data, regardless of whether it exists on premise or in the cloud. However, because businesses have less confidence in their understanding of sensitive data then they perceive more risk."

"To reduce threat exposure and improve breach resiliency, organisations need to invest in data centric security technologies, which enable businesses to enact the need-to-know data access policies that help limit the exposure of sensitive data."

One of the issues caused by not knowing what sensitive data an organisation has on premise, is that it is also highly unlikely that it will understand what it has moved to the cloud for platform or application services.

Surprisingly, despite fears related to moving data to the cloud, it is shown that only 32% of organisations have a common process for assessing the threats. This relates in to 54% admitting that they are not confident in their ability to respond to a new threat in the cloud.

Dr. Larry Ponemon, chairman and founder, Ponemon Institute, said: "Whilst businesses are more confident about having data on premise, the shift towards cloud computing is continuing to accelerate and organisations can’t afford to be held back by data security concerns.

"Instead, security practitioners need to get a handle on the classification of data so that they can feel more confident about the information that they are moving to the cloud. Regardless of whether information is held on premise or in the cloud, data governance protocols should be the same."

This information is released by Informatica, which was surveyed 118 UK IT and IT security professionals who have responsibility for data protection. It was completed by the Ponemon Institute as part of its 2015 State of Data Security Intelligence study.