Organizations rely on data to power their businesses. Information about their customers, records of previous transactions, performance metrics, and financial results deliver critical insight into what they're doing and what they need to do next. But that same information can be a major liability if it's not properly protected, according to Symantec. To compile its first State of Information report, Symantec surveyed executives at 4506 companies in 38 countries, asking how much organizations were spending to store and secure information. The report estimates that there are 2.2 zettabytes of data, and worldwide spending on that data topped $1 trillion dollars. "Companies that effectively use their information will have a major competitive advantage over those who cannot, and in some cases it can be the difference between success and failure," said Francis deSouza, group president of the enterprise products and services division at Symantec. The report recommends organizations shift their focus on protecting the actual data and not on the device hosting the data or the data center it is residing in. With BYOD and the shift to cloud computing, information is no longer confined, Symantec said. Protection must focus data, not the device or data center. Organizations also need to be able to separate useless data from valuable information and set appropriate levels of protection. While it's important to implement consistent policies across all platforms and types of data, CIOs need to plan for future information needs with flexible infrastructure. Here CIO Insight looks at the findings from Symantec's State of Information 2012 survey.