Survey: State Of Economy Leading To Increased Data Loss For Companies

  • Aug 14, 2009

In its sixth annual study of outbound e-mail and data loss prevention issues, Proofpoint, Inc. found that U.S. companies are increasingly concerned about a growing number of data leaks caused by employee misuse of e-mail, blogs, social networks, multimedia channels and even text messages.

According to the June study of 220 e-mail decision makers at U.S. companies with more than 1000 employees, organizations continue to embrace preventative measures -- some more drastic than others.

For example, as more U.S. companies reported their business was impacted by the exposure of sensitive or embarrassing information (34 percent, up from 23 percent in 2008), an increasing number say they employ staff to read or otherwise analyze the contents of outbound e-mail (38 percent, up from 29 percent in 2008).

The pain of data leakage has become so acute in 2009 that more U.S. companies report they employ staff whose primary or exclusive job is to monitor the content of outbound e-mail (33 percent, up from 15 percent in 2008).

In addition, companies are regularly ordered to produce employee e-mail as part of legal actions, exposing its contents to outside scrutiny. Nearly a quarter (24 percent) of large US companies report that employee e-mail was subpoenaed in the past 12 months.

When U.S. companies investigated the exposure of confidential, sensitive or private information via e-mail, blogs, multimedia channels and/or social networks, the end result for the offending employee was generally very bad news:

  • E-mail still the top threat: 43 percent of US companies surveyed had investigated an e-mail-based leak of confidential or proprietary information in the past 12 months. Nearly a third of them, 31 percent, terminated an employee for violating e-mail policies in the same period (up from 26 percent in 2008).
  • Blogs breaches continue: 18 percent had investigated a data loss event via a blog or message board in the past 12 months. 17 percent disciplined an employee for violating blog or message board policies, while nearly nine percent reported terminating an employee for such a violation (both increases from 2008, 11 percent and six percent, respectively).
  • Video exposure: Given the rapid adoption of video and audio media within the enterprise -- and the popularity of media sharing sites like YouTube -- it's no surprise that more U.S. companies reported investigating exposure events across these channels (18 percent, up from 12 percent in 2008). As a result, 15 percent have disciplined an employee for violating multimedia sharing / posting policies in the past 12 months, while eight percent reported terminating an employee for such a violation.
  • Friends or foes?: Concerning social networks, U.S. companies are also experiencing more exposure incidents involving sites like Facebook and LinkedIn as compared to 2008 (17 percent versus 12 percent). U.S. companies are taking a much more forceful approach with offending employees -- eight percent reported terminating an employee for such a violation as compared to only four percent in 2008.
  • Data loss in 140 characters or less: Even short message services like SMS texts and Twitter pose a risk. 13 percent of U.S. companies investigated an exposure event involving mobile or Web-based short message services in the past 12 months.

As the global economic recession forced many U.S. companies to downsize and reduce spending, the results of Proofpoint's survey show that those actions have often put them at greater risk for several reasons:

  • 18 percent of U.S. companies investigated a suspected leak or theft of confidential or proprietary information associated with an employee leaving the company (e.g., through voluntary or involuntary termination) in the past 12 months.
  • 42 percent of respondents say that increasing numbers of layoffs at their organizations in the past 12 months have created an increased risk of data leakage. 47 percent of respondents report that layoffs of IT staff have negatively impacted their organization's ability to protect confidential, proprietary and sensitive information in the past 12 months.
  • 50 percent of respondents say that budget constraints have negatively impacted their organization's ability to protect confidential, proprietary or sensitive information in the past 12 months.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3