Enterprises ignoring database security

By

Database managers caught between a rock and a hard place, says report.

Enterprises ignoring database security
Almost half of large enterprises are ignoring key database security issues, research released today has claimed.

The allegations were made by database security provider Application Security Inc in a survey by privacy management consultant the Ponemon Institute.

The report highlights an "organisational disconnect" between the realisation of security threats and the process of addressing those threats.

Large enterprises are juggling ways to protect data from misuse by external and internal forces, while expanding access to the same data to drive business initiatives.

The Ponemon Institute surveyed 649 users in corporate IT departments worldwide with more than seven years' experience in the information security field.

More than 60 per cent of the respondents work within corporate chief information officer or chief technology officer departments.

Forty per cent of respondents said that their organisations do not monitor their databases for suspicious activity, or do not know whether such monitoring occurs.

Notably, more than half of these organisations have 500 or more databases, and the number is growing.

Trusted insiders' ability to compromise critical data was cited as the most serious concern. Some 57 per cent believe that their company has inadequate protection against malicious insiders, and 55 per cent for data loss by internal entities.

Around 78 per cent believe that databases are either 'critical' or 'important' to their business, and that customer data represents the most common data type contained within these databases.

Furthermore, customer/consumer and employee data ranks third and fourth respectively in regard to organisations' prioritisation of what must be protected.

"Data can be monetised quickly and the bad guys know it," said Larry Ponemon, chairman and founder of the Ponemon Institute.

"Organisations that fail to protect their data effectively are proving easy targets, often left to contend with considerable damage to their reputations and financial results."

Toby Weiss, president and chief executive at Application Security Inc, added: "Unless organisations directly protect their databases, everything else they are doing for data security is on shaky ground."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
databaseenterprisesignoringsecurity

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?