McAfee announced it has released a report, Datagate: The Next Inevitable Corporate Disaster?, revealing a widespread belief that a major security breach, even an unintentional one, could lead to the collapse of a major corporation. The global research surveyed more than 1400 IT professionals at companies with at least 250 employees in the United States, the United Kingdom, France, Germany and Australia.
Thirty-three percent of respondents said they believe a major data loss incident involving accidental or malicious distribution of confidential data could put them out of business.
The research also suggests that while awareness regarding the danger of breaches is high, the problem continues to grow. Sixty percent of respondents said they had experienced a data breach in the past year, and only six percent of respondents could say with certainty that they had not experienced one in the previous two years. However, despite the prevalence of breaches, enterprises are still devoting just a fraction of their IT budgets to the problem. On average respondents spend just one-half of one percent of their overall IT budgets on data security.
Additional key findings from the research include:
- A data breach that exposed personal information would cost companies an average of $268,000 to inform their customers-even if the lost data is never used
- Sixty-one percent of respondents think that data leakage is the doing of insiders, and 23 percent believe those leaks are malicious
- Nearly half (46 percent) of respondents don't debrief or monitor employees after they have given notice that they are leaving the company
- Twenty-three percent of respondents were able to estimate the total annual cost of data leakage, and the average figure they gave was $1.82 million
- Respondents rated loss of intellectual property and financial information as the two most valuable classes of data-with the average estimated cost of leaked financial data reaching $1.68 million.
"Six in ten companies admitting a breach in just the past year is ample proof that more needs to be done to address this very serious problem," said Dave DeWalt, president and chief executive officer at McAfee, Inc. "Awareness alone isn't enough. To protect customers, employees and shareholders, data loss prevention needs to become a top priority at every level of the organization, from the board room to the lunch room."