Bloor Research surveyed 200 senior IT security executives in the UK and the US, all with organizations that have more than 1,000 employees.
More than half (54%) of organizations identified data security as a serious or critical concern and many report that their concerns are increasing. Findings also indicate that data classification is one of the critical tools for securing data, ranking in the top three most important security controls for organizations across a variety of industries.
The importance of data classification as a key part of a layered security approach is further underlined by the fact that 52% of organizations surveyed already use some form of data classification tools, with a bias towards US companies.
Principal Analyst at Bloor Research, Fran Howarth said: “Effective information governance is essential for data security and needs to be implemented across the entire lifecycle of information. Data classification policies and tools allow all data to be classified according to its sensitivity and criticality to the organization. Such policies and tools need to be extended to all systems and devices, including mobile devices, the use of which is growing rapidly.”
Fran Howarth added: “Although malicious data breaches may be of greater concern to respondents, organizations should be aware that insider threats – whether malicious or accidental – can be the most damaging since those internal to the organization have access to the most sensitive information, particularly when they have high levels of privileged access.”
Today’s threat landscape is increasingly complex and sophisticated and the number of security incidents that organizations face will only grow. In order for organizations to safeguard themselves from potential brand and reputational damage and fines, they need to implement effective information governance strategies, incorporating data classification policies and tools to protect information throughout its lifecycle and ensure they are enforced.