It costs businesses $4 million when they suffer a breach, a new report found.
Of the 50 percent who reported being breached last year, the average material impact to the business was $4 million, according to a report by market research firm, Vanson Bourne.
Six hundred senior IT decision-makers ended up interviewed at organizations with at least 1,000 employees across Australia, France, Germany, Italy, the United Kingdom and the United States.
The survey found 35 percent of companies suffered two or more breaches in the last twelve months.
On top of that, attacks should continue as at least 60 percent of respondents expect to suffer a breach this year, with 29 percent believing they won’t even know they fell victim to a breach when it happens.
As a result, survey respondents are focused on mitigating their exposure points as an organization – with 65 percent seeing identity management as a foundation of their security strategy.
The following are common areas of risk organizations need to address:
Documents and files may be an enterprise’s biggest downfall in 2017. Unstructured data that lives outside of structured corporate systems and applications is a huge red flag for enterprises today – even though that data runs rampant through a typical enterprise, 41 percent aren’t sure how to manage and protect that data from theft.
Employees need to understand – and follow – corporate security policies. Forty-two percent of respondents cite trends like BYOD and Shadow IT as great areas of risk for their organization, yet less than half have formalized corporate security policies in place. Coupled with the risks posed by continued poor password hygiene cited by 25 percent of respondents, enterprises admit they need to better outline and enforce corporate security policies, company-wide.
The contractor workforce is an enterprise blind spot. The surge in freelancers, contract workers and other third parties that make up today’s diverse workforce presents a significant challenge for organizations. Forty-six percent of respondents remain concerned with the threat contractors may pose to their organization, with 70 percent admitting they don’t have full visibility into the access contractors have to corporate systems and the sensitive data that lies within.
In addition, the report found:
• 46 percent of respondents remain concerned about proper visibility into who has access to what across their corporate network, with a majority (86 percent) admitting if their chief executive’s email was hacked, they wouldn’t immediately know what their exposure points were.
• 77 percent of respondents now understand the importance of having strong identity governance controls in place across their organization’s entire IT infrastructure, especially when it comes to showcasing that those controls are in place to their board of directors.
• The benefits of an identity governance program are clear, with respondents citing enhanced security (65 percent), a more automated and efficient organization (64 percent), and business enablement (58 percent), as key business benefits.