View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
April 4, 2010

Enterprises lack emphasis on protecting corporate secrets

Focus on compliance-related data needs

By CBR Staff Writer

Enterprises are investing heavily in compliance and protection against accidental leaks of custodial data, but under-investing in protection against theft of far more valuable corporate secrets, according to a new report from Forrester Consulting, commissioned by Microsoft and RSA, the security division of EMC.

The survey of 305 IT security decision-makers worldwide found that while organisations focus on data security incidents related to accidental loss, information theft by employees or trusted outsiders is more costly.

According to the study, nearly 90% of enterprises surveyed agreed that compliance with PCI-DSS, data privacy laws, data breach regulations and existing data security policies is the primary driver of their data security programs. Significant percentages of enterprise budgets (39%) are devoted to compliance-related data security programs.

The study found that secrets comprise 62% of the overall information portfolio’s total value while compliance-related custodial data comprises just 38%, a much smaller proportion.

The firm said that every company surveyed rated its security controls to be equally effective, despite a wide range in security spending, views on the value of information and the number of security incidents reported among the respondents.

Forrester, Microsoft and RSA recommend enterprises to identify the most valuable information assets in the company’s portfolio; create a risk register of data security risks that document specific threat scenarios; assess and reprioritise  the IT security program’s balance between compliance and protecting secrets, and increase vigilance of external and third-party business relationships.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.