Firms prize intellectual property and business confidential data above that concering customers or employees, but most data breaches involve personal information, according to a new study by the US-based researcher Ponemon Institute.
“Among core security and IT professionals, operational efficiencies and system optimisation are consistently higher priorities than efforts related to Sarbanes-Oxley, PCI, NIST 800-53 or other similar compliance initiatives,” the researcher said.
A survey of 649 corporate IT departments worldwide showed that more than half had 500 databases or more, mostly holding customer data. Nearly 80% said the databases were critical or important to the business.
But 40% of respondents said their companies either do not or do not know if they monitor their databases for suspicious activity.
A significant four out of 10 database owners do not monitor them for suspicious activity, claimed the researcher’s findings.
Respondents viewed insiders as the greatest threat, and more than half reckoned the databases were vulnerable to malicious attacks or data thefts by insiders.
Comment on this article: firstname.lastname@example.org