Survey: 85 Percent Of U.S. Organizations Hit By At Least One Data Breach In Last 12 Months

  • Jul 13, 2009

PGP Corp. recently announced the results from The Ponemon Institute's fourth annual study on encryption usage in the enterprise -- The 2009 Annual Study: U.S. Enterprise Encryption Trends.

This year's study surveyed 997 IT and security practitioners and identifies the trends in enterprise encryption planning strategies, budgeting and spending, deployment methodologies and impact on data breach incidents. While 78 percent of organizations have an encryption strategy in place and are moving toward a more consistent approach to data protection, data breaches continue to rise across the board. 85 percent of survey respondents experienced at least one data breach in the last 12 months, consistent with 84 percent in 2008, and the number of companies experiencing more than 5 data breaches in one year rose to 22 percent, up from 13 percent last year. For the first time, fifty-eight percent of the respondents reported that data protection is a very important part of their overall risk management. Additionally, as organizations increasingly rely on mobile technology and PDAs as their primary computing platform, 26 percent indicate they encrypt a smartphone or PDA most of the time, 51 percent said they never do.

"In our fourth year of conducting this study, we are consistently breaking new ground in identifying new data protection trends to help enterprises as they assess their risk posture," said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute. "Organizations are looking for more complete solutions that can protect their data wherever it may reside. The focus for 2010 needs to be on applying a strategic approach to data security across the enterprise."

The following list summarizes key findings from the study that included nearly 1,000 U.S.-based enterprise IT leaders, analysts and executives:

  • Data protection is an important part of an organization's risk management efforts. For the first time, Ponemon asked how data protection relates to an organization's risk management efforts. Fifty-eight percent report that is a very important part of risk management and 22 percent say it is an important part.
  • Encryption of data on mobile data-bearing devices used by employees is very important or important. More than 59 percent of respondents say it is very important or important to encrypt employees' mobile devices -- a sign that organizations recognize that valuable data is more mobile than ever.
  • More than 70 percent have fully executed or just launched data encryption strategy in their organization. Once again data encryption strategies are being implemented across a majority of the respondent participants. The majority of organizations, 78 percent, have some type of encryption strategy, up from 74 percent in 2008 and from 66 percent in 2007.
  • Data breaches continue to be a huge problem: Eighty-five percent of organizations surveyed had had at least 1 data breach in the last 12 months, demonstrating that there is no let up in breaches as this is consistent with 84 percent sited in the 2008 report. Companies suffering more than 5 data breaches rose to 22 percent in 2009 up from 13 percent in 2008.
  • Encryption is mostly used to mitigate data breaches and comply with privacy and data protection regulations. In addition, there was an increase in the percentage of respondents who reported that encryption is also important to preserving brand and reputation.
  • The percentage of organizations using the platform approach to managing encryption solutions has increased. Additionally, 76 percent would strongly recommend or recommend the platform-based approach if it reduced the cost of acquiring, deploying and managing encryption applications.

"This year's research clearly demonstrates that compliance, breaches and brand damage are driving companies to deploy more data protection solutions," said Phillip Dunkelberger, president and CEO of PGP Corporation. "The risk migration goal is clear; take a more strategic approach to protect your data -- at rest, in motion and in use."

For more information or to receive a copy of this study, visit: http://www.encryptionreports.com.

Featured

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities