Sunday, January 25, 2009

Instances of data breaches increase

Recently an analysis was released by the Identity Theft Resource Center citing an increase in the instances of data breaches in 2008 compared to 2007. In the report the ITRC indicated that the instances of data breaches were up 47% in 2008 compared to 2007. While instances of breaches in the government sector were down, those in the business enterprise were up nearly 40% from the previous year, now totaling more that one third of all breaches according to the ITRC. While the ITRC did give the financial sector credit as being the most proactive among all the sectors in protecting sensitive data, they did point out that the instances of data breaches in the financial services sector increased over 250% from 2007 to 2008.The big question is what to do about it. Here are a few ideas:

  • Data Loss Prevention technology adoption- The numbers are already supporting the wider adoption of this technology, with one study quoting 29% of enterprises indicating having DLP solutions in use. With an additional 37% looking at implementation in the future one might conclude that it is about time we get these solutions in the field to reverse the trend point out by the ITRC.
  • The press article citing the ITRC report indicated that only 2.4% of breaches occurred where encryption or other strong protection methods were being employed. While encryption is widely adopted by enterprises it is not used very deeply in those same enterprises.
  • The ITRC also reported that insider theft accounted for 15.7% of data breaches, more than doubling from 2007 to 2008. As we have also reported 85% of all enterprises report now that they treat internal threats and external threats with equal weight or emphasis.

It would appear that as an industry we have the portfolio of solutions to reverse the trend cited by the ITRC. What remains to be seen is if the enterprise community will allow economic conditions to slow programs to slow down efforts to fix the underlying issues in their infrastructures that feed the trend.