Netwrix survey: 91% of organizations are sure their sensitive data is stored securely

Netwrix, a vendor of information security and governance software, today at RSA Conference announced the release of its 2020 Data Risk & Security Report. This study polled 1,045 respondents worldwide about how their organizations treat sensitive and regulated data during each stage of its lifecycle in order to identify common security gaps.

According to the report, data storage is the most challenging stage of the data lifecycle for ensuring data protection. While the majority of respondents (91%) said they were certain their sensitive data is stored safely, one in four organizations admitted they had actually discovered such data outside of designated secure locations in the past 12 months. Moreover, the data was left overexposed for days (43%) or weeks (23%) before the incident was discovered. These figures represent the highest incident rate and the slowest detection time of all the lifecycle stages.

Other notable findings of the report include:

• 61% of organizations that are subject to the GDPR collect more customer data than the law permits.
• 66% of CIOs don’t have cybersecurity and risk KPIs that are regularly reported to their executives.
• 54% of organizations said that they do not follow the security best practice of reviewing user access rights to data on a regular basis.
• 30% of system administrators granted direct access to sensitive and regulated data based only on a user request in the past 12 months.
• Organizations that classify data at the creation stage spend just an average of 3 hours on each data subject access request (DSAR) — 11 times faster than those who don’t classify their data. In addition, their cost for managing DSARs increased by 24% or less, while those who don’t classify data reported increases of 50%–74%.

Even as cybersecurity budgets grow, data breaches continue to increase in both number and size. Cybersecurity leaders need to find more effective ways to manage data security risks and show return on investment to the executive team. Gaining more visibility into data, internal processes and user activity will enable them to prioritize their efforts, mitigate security and compliance risks more efficiently, and prove the effectiveness of their investments.
Steve Dickson, CEO at Netwrix.

Unstructured data often accounts for nearly 80% of the data footprint of an organization. The true extent and size of unstructured data are often unknown due to compression, deduplication and the number of copies of data within the organization. Beyond the substantial proportion of dark data prevalent in the average organization, within the unstructured dataset is often found more than 10 copies of the same files just through data protection, backup and recovery, business continuity, testing, and other automated activities.
Gartner, “Market Guide for File Analysis Software,” by Julian Tirsu, Marc-Antoine Meunier, February 2020.

To get the complete findings of the 2020 Netwrix Data Risk & Security Report, please visit: https://www.netwrix.com/2020datariskandsecurityreport.html

Or stop by the Netwrix booth (#1641) on the RSA Conference show floor on February 24–28, 2020.