Nearly three-quarters of organizations believe they have adequate policies in place to protect sensitive, personal information, yet more than half have lost sensitive data within the past two years — and nearly 60% of those organizations acknowledge data loss as a recurring problem, according to findings of a global study released by Accenture.
The study — which surveyed more than 5,500 business leaders in 19 countries (28% came from Asia Pacific) — reveals a startling difference between organizations’ intentions regarding data privacy and how they actually protect sensitive personal information, such as name, address, date of birth, race, National ID/social security number and medical history. The study was conducted in conjunction with the Ponemon Institute, an independent privacy, protection and information security research firm.
“The volume of sensitive personal information being collected and shared by organizations has grown exponentially in recent years, making data protection a critical business issue and not just a technology concern,” said Alastair MacWillson, managing director of Accenture’s Security practice. “Our study underscores the importance of taking a comprehensive approach to data privacy and protection, one that closes the gaps between business strategy, risk management, compliance reporting and IT security.”
Fifty-eight% of business respondents have experienced at least one data security breach over the past two years, yet 73% said their organization has adequate policies to protect the personally identifiable information it maintains.
While 70% agreed that organizations have an obligation to take reasonable steps to secure consumers’ personal information, there are discrepancies in their commitments for doing so. For instance, 45% of respondents were unsure about or actively disagreed with granting customers the right to control the type of information that is collected about them.
The study also found that 47% were unsure about or disagreed with customers having a right to control how this information is used. Nearly half also did not believe it was important or very important to: limit the collection (47%) or sharing (46%) of sensitive personal customer information; protect consumer privacy rights (47%); prevent cross-border transfers of personal information to countries with inadequate privacy laws (47%); prevent cyber crimes against consumers (48%); or prevent data loss or theft (47%).
IT managers are finding it difficult to keep their applications and data safe in the cloud, and many are slowing cloud adoption because of it. That was one of the findings of an Intel cloud security report that surveyed 2,000 IT professionals in...
Apple has acquired the Workflow automation app, which allows iOS users to trigger a sequence of tasks across apps with a single tap. A spokesman for Apple confirmed on Wednesday the company's acquisition of DeskConnect, the developer of the...
Companies that use security products to inspect HTTPS traffic might inadvertently make their users' encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns. US-CERT, a...
The rapidly evolving threat landscapes of today (and the future) presents us with more and costlier data breaches, and highlights a particularly critical issue: Shortage of IT security personnel. IT security tops the list of IT decision...
PT Bukaka Teknik Utama Tbk, Indonesia’s leading infrastructure and metal construction company, has selected the complete Oracle Applications Cloud Suite, including Oracle ERP Cloud, Oracle HCM Cloud and Oracle CX Cloud to optimize the...
Amazon today announced Chime, a unified communications as a service (UCaaS) offering hosted in Amazon Web Service’s cloud. Amazon is entering a crowded market of UC solutions, some of which are already cloud-based and others that run on...
Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise. The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely...
At its InterConnect conference in Las Vegas this week, IBM is announcing new features for its open source cloud-hosted blockchain service in an attempt to bring this distributed database technology from its initial use of powering Bitcoin to a...