Database Slideshow: Enterprise Data Breaches: Ignorance Isn't Bliss

By Dennis McCafferty  |  Posted 12-06-2010

20 percent

20 percent of respondents say it's at least "somewhat likely" that their organization will experience a data breach within the next 12 months.

20 percent

7 percent

7 percent of respondents say their organizations have suffered at least one confidential data breach within the past 12 months.

7 percent

6 percent

6 percent of respondents say they aren't sure whether or not their organizations have suffered a data breach, but it's possible.

6 percent

Root causes of confidential data breaches over the past 12 months (percent respondents)

External attack (34 percent)Human Error (29 percent)Insider attack (21 percent)Accidental loss of device(s) with confidential data (20 percent)Malicious code/viruses (18 percent)Abuses of privileges by IT staff (15 percent)

Root causes of confidential data breaches over the past 12 months (percent respondents)

14 percent

14 percent of respondents say that the total cost of data breaches over the course of a year amounts to at least $10,000.

14 percent

57 percent

57 percent of respondents say that they don't know the cost of data breaches to their organizations over the past 12 months.

57 percent

24 percent

Nearly one quarter of respondents say that confidential/personally identifiable information (such as Social Security and credit-card numbers) accounts for more than 26 percent of all enterprise data compromised.

24 percent

33 percent

Only 33 percent of respondents say they encrypt personal identity information in all databases.

33 percent

Functions impacted by data breaches in the past year (percent respondents):

Database operations (46 percent)Web apps (27 percent)E-mail (19 percent)Core apps (15 percent)Network components (14 percent)

Functions impacted by data breaches in the past year (percent respondents):

How do you spend your database security time? (percent respondents)

Configuration/patch management (21 percent)Database audit/threat management and activity monitoring (17 percent)Overseeing user-rights management (15 percent)

How do you spend your database security time? (percent respondents)

Biggest barriers to improved security (percent respondents)

Budget constraints (55 percent)Lack of understanding of threats (39 percent)Lack of formal database security processes and procedures (36 percent)Disconnect between IT operations and executive management team (30 percent)Management complacency/lack of awareness (28 percent)

Biggest barriers to improved security (percent respondents)

31 percent

31 percent of respondents say their organizations have either decreased or frozen information security spending in the past 12 months.

31 percent