In Depth

Confidential Data at Risk

Its five oclock; do you know where your data is?

By Larry Ponemon

Page 2


How Pervasive Is Laptop Loss or Theft?

Eighty-one percent of respondents report that their organizations have experienced one or more lost or missing laptop computer containing sensitive or confidential business information in the past 12-month period. Only 10 percent state that their company has not lost sensitive or confidential business information on a laptop in the past year. Nine percent report not knowing.

Not all lost laptops require notification because the data may have been encrypted or might not have revealed any personally identifiable information about data subjects (i.e., customers, consumers or employees). Despite this caveat, this finding provides evidence that the loss or theft of sensitive or confidential data at restsuch as intellectual property, business confidential documents, customer data and employee recordsis a pervasive problem that occurs within many companies.

What Kinds of Corporate Data at Rest Pose the Greatest Risk?

Organizations are increasingly worried about experiencing a data breach. With respect to their organizations current information security priorities, respondents rank the following activities as their top three priorities: protecting sensitive or confidential data in motion (transfer), managing identity and access, and protecting sensitive or confidential data at rest. With respect to data at rest, 81 percent of respondents report that it is a priority for their organizations this year, and 89 percent anticipate it will be a priority next year.

The four types of data considered to be most at risk in an organization are intellectual property, business confidential information, customer and consumer data, and employee data. It is interesting to note that most respondents believe the most serious kinds of data breaches involve the loss or theft of intellectual property and business confidential information.

Customer and consumer data and employee data are ranked third and fourth, respectively. The types of intellectual properties believed to be most at risk include electronic spreadsheets, competitive intelligence and source code. Bar Chart 1 shows the types of intellectual properties that pose the greatest threat, according to respondents in our study.

Bar Chart 1

What kinds of intellectual property create the greatest risk to the organization if lost or stolen?bar chart 1

A majority of respondents also view a corporate data breach of business confidential information to be very serious. The types of business confidential information believed to be most at risk include non-public financial statements, accounting reports, and budgets or forecasts. Bar Chart 2 shows the business confidential information that respondents say poses the greatest data risk.

Bar Chart 2

What kinds of business confidential information create the greatest risk to the organization if lost or stolen?

$firstKeyword

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors