Application Security, Inc.(AppSec), a provider of database security, risk and compliance solutions (SRC) for the enterprise, and Unisphere Research have announced a new database security report, "Data in the Dark: Organizational Disconnect Hampers Information Security." The report, based on research conducted among 761 members of the Professional Association for SQL Server (PASS), reveals that companies suffer from a false sense of security.
This study reports that approximately 75% of respondents, the majority of whom are database administrators, are responsible for protecting their organization's database. However, 54% of respondents said production databases are out of their direct control.
In addition, the report found that 40% of respondents were unaware of their organization's IT security spend, with 57% having no idea of the potential cost impact of a large-scale data breach. Nearly half of the study's respondents said that a database breach would have greater impact on organizational security than any other IT component.
The study brought forth "some eye-opening results," Thom VanHorn, vice president, Global Marketing, Application Security, Inc., tells 5 Minute Briefing. "You can't pick up a newspaper and not see that another breach has occurred. It has been a problem for a while but it is just getting worse, and the type of companies that are being attacked has expanded," he adds.
In the past, attacks mainly targeted financial institutions and retailers, organizations that had credit card numbers, but more and more, institutions of higher learning such as universities and colleges, as well as healthcare organizations are being targeted because they have a wealth of sensitive data including Social Security and credit card numbers, VanHorn notes. The fact that people are after data isn't news, observes VanHorn, "but when I look at the results of the survey it is concerning because it makes it clear how far we have to go. Organizations clearly haven't moved far enough toward protecting their data."
Application Security, Inc. will be hosting a webinar during which VanHorn and Joe McKendrick, research analyst with Unisphere Research, will present a detailed overview of the findings and the far-reaching implications for enterprise organizations heading into 2011. To register for the webinar on November 15, at 2pm ET, go here.
To download a copy of the report "Data in the Dark: Organizational Disconnect Hampers Information Security," go here.
For a free database vulnerability assessment from Application Security, Inc., go here.