Survey: Data breaches difficult to spot, prevent

IT pros worry that false positives and a lack of resources are preventing them from blocking data breaches

IT security professionals are struggling to detect and prevent data breaches, according to the results of a recent survey of 853 U.S. security executives conducted by the Ponemon Institute LLC.

Nearly two-thirds of security executives said they have no way to prevent a data breach, while most respondents said their organisations lack the accountability and resources necessary to enforce data security policy compliance, according to the Elk Rapids, Mich.-based think tank. The study, conducted in June and July, was sponsored by security firm PortAuthority Technologies Inc.

There's a lot of frustration at the CIO level, because there's a feeling that the responsibilities should be shared across the management structure more than they are.
Larry Ponemon
Chairman and FounderPonemon Institute
"I don't think I expected two-thirds to say they can't prevent a breach," said Larry Ponemon, chairman and founder of the Ponemon Institute. "If your first line of defence says you can't win the war, it indicates a big problem."

According to the Ponemon Institute's final report on the survey:

  • 59% of respondents said they can effectively detect a data breach, but a staggering 63% don't think they can prevent a data breach.

  • High false positive rates of up to 35% affect the ability of many organisations to detect a breach.

  • 41% of respondents don't believe they are effectively enforcing data security policies. The top reason given for failed enforcement is lack of resources.

  • Respondents said there's a 68% probability they can detect a large data breach involving more than 10,000 data files.

  • But they said small data breaches involving fewer than 100 files are only likely to be detected 51% of the time.

  • Only 16 % of respondents believe they are invulnerable to a data breach.

  • Excessive cost was the main reason 35% of respondents said they're not using leak-prevention technologies.

    Ponemon said the findings suggest IT pros are between a rock and a hard place because they're shouldering the lion's share of responsibility for preventing breaches but don't have the resources to be 100% effective.

    "There's a lot of frustration at the CIO level, because there's a feeling that the responsibilities should be shared across the management structure more than they are," he said. "They're also concerned about their ability to enforce security policies. Even when someone finds the culprit behind a breach, policies aren't enforced and mistakes are repeated in terms of what users do in their computing habits."

    But Ponemon said respondents don't see their situation as hopeless.

    "A lot of these people feel their current problem is a resource issue, but that technology can help them solve some of the problems," he said.

    Raj Dhingra, PortAuthority Technologies's vice president of products and marketing, said his company sponsored the study because it wanted to pinpoint the root causes of corporate data breaches. "We feel this study helps bring greater understanding of these issues, while validating that the industry requires much more than just monitoring of information leaks, but automated enforcement to best prevent information leaks," he said.

  • Read more on IT risk management