Thirty-five percent of firms intend to spend more on data security in 2014.
A newly released report from Forrester indicates that data security is not an IT issue, but a business imperative as 36 percent of breaches originate from inadvertent misuse of data by insiders.
Data security makes up the second largest portion (17 percent) of the IT security technology budget in 2013 and a series of recent high-profile cyber attacks has driven attention to this issue.
Forty-eight percent of organisations now give a very high importance to data discovery, which is more than double of what it was in 2012 (20 percent). Fifty-six percent of companies rate data classification as a high or critical priority, according to the report “Understand The State Of Data Security And Privacy: 2013 To 2014.”
“As an organisation's data use, privacy considerations, and regulatory requirements collide in an increasingly complex world, it's only a matter of time before privacy and regulations require the full attention of a dedicated privacy officer and group,” said co-author of the report Heidi Shey.
Lack of security awareness
Forty-two percent of the workforce had been trained on staying secure at work, and 57 percent are aware of their organisation’s current security policies.
Fifty-six percent of information workers in organisations understand the security policies in place that are specific to data use and handling inside their company. About 61 percent actually follow security policies in general.
Ten percent of information workers are using a combination of desktop, laptop, tablet, and smartphone for work. Sixty-one percent are using some type of mobile device such as a laptop, tablet, smartphone for work.
Twenty-seven percent of information workers use at least three or more devices for work. Sixty-six percent of the workforce puts these files on a USB flash drive or CD/DVD when accessing or storing files on these devices. Twenty-seven percent use a file sync, sharing, or online locker service for this purpose.
Forrester advises that even though enterprises are spending more on data security, they have to understand that each organisation’s investment policies should be designed after analysing budget and technology adoption plans for data security and privacy.
Sign up for CIO Asia eNewsletters.