Netwrix survey: 91% of organizations are sure their sensitive data is stored securely
Netwrix, a vendor of information security and governance software, today at RSA Conference announced the release of its 2020 Data Risk & Security Report. This study polled 1,045 respondents worldwide about how their organizations treat sensitive and regulated data during each stage of its lifecycle in order to identify common security gaps.
According to the report, data storage is the most challenging stage of the data lifecycle for ensuring data protection. While the majority of respondents (91%) said they were certain their sensitive data is stored safely, one in four organizations admitted they had actually discovered such data outside of designated secure locations in the past 12 months. Moreover, the data was left overexposed for days (43%) or weeks (23%) before the incident was discovered. These figures represent the highest incident rate and the slowest detection time of all the lifecycle stages.
Other notable findings of the report include:
- 61% of organizations that are subject to the GDPR collect more customer data than the law permits.
- 66% of CIOs don’t have cybersecurity and risk KPIs that are regularly reported to their executives.
- 54% of organizations said that they do not follow the security best practice of reviewing user access rights to data on a regular basis.
- 30% of system administrators granted direct access to sensitive and regulated data based only on a user request in the past 12 months.
- Organizations that classify data at the creation stage spend just an average of 3 hours on each data subject access request (DSAR) — 11 times faster than those who don’t classify their data. In addition, their cost for managing DSARs increased by 24% or less, while those who don’t classify data reported increases of 50%–74%.
Even as cybersecurity budgets grow, data breaches continue to increase in both number and size. Cybersecurity leaders need to find more effective ways to manage data security risks and show return on investment to the executive team. Gaining more visibility into data, internal processes and user activity will enable them to prioritize their efforts, mitigate security and compliance risks more efficiently, and prove the effectiveness of their investments.
Steve Dickson, CEO at Netwrix.
Unstructured data often accounts for nearly 80% of the data footprint of an organization. The true extent and size of unstructured data are often unknown due to compression, deduplication and the number of copies of data within the organization. Beyond the substantial proportion of dark data prevalent in the average organization, within the unstructured dataset is often found more than 10 copies of the same files just through data protection, backup and recovery, business continuity, testing, and other automated activities.
Gartner, “Market Guide for File Analysis Software,” by Julian Tirsu, Marc-Antoine Meunier, February 2020.
To get the complete findings of the 2020 Netwrix Data Risk & Security Report, please visit: https://www.netwrix.com/2020datariskandsecurityreport.html
Or stop by the Netwrix booth (#1641) on the RSA Conference show floor on February 24–28, 2020.
Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.
For more information, visit www.netwrix.com.
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170