Data loss prevention is a constantly evolving field. Companies that believe their systems are capable of stopping intrusions despite going years between updates could be in for a rude awakening, as hackers change over time, growing more resourceful and developing stronger tools to access confidential information.
Recently released statistics for 2011 showed that while the motives behind hacking are shifting, the end results remain largely the same: lost or compromised data that could have enormous financial value to a company or damage the trust of customers.
The recently released Verizon 2012 Data Breach Investigations Report tracked 174 million records stolen during the 2011 calendar year. That number alone shows the persistent threat of data loss, as it is the second highest amount recorded by the survey since its inception in 2004. The document found that 80 percent of the breaches involved some form of hacking, with 69 percent involving malware inserted into the target system.
Showing that companies can avoid cyberattacks with proper care, 97 percent of the reported breaches were rated as avoidable, meaning that they could have been prevented with normal security technology rather than a difficult-to-implement and expensive system.
"The report demonstrates that unfortunately, many organizations are still not getting the message about the steps they can take to prevent data breaches," said Verizon risk intelligence director Wade Baker.
IT risk management is a critical investment area for businesses, but separate studies show that information security may actually be weakening rather than strengthening among large companies. The PricewatherhouseCoopers 2012 Global State of Information Security revealed a decline in the effectiveness of companies' data protection efforts.
While the 2009 edition of the survey found 39 percent of responding companies in possession of an accurate inventory of the locations that their data resides, only 29 percent of companies can say the same this year. IT departments are largely satisfied that their data protection strategies are working, with 72 percent of respondents saying that they are either somewhat or very confident with their security activities. One security breach could change minds.
Data security is a failure the moment that confidential information leaks, no matter the motive of the hacker or how they managed to compromise the system in the first place. Assuming that a current system will be enough to safeguard data is dangerous, and making moves toward data loss prevention is possible for companies of any size.