72.5% of nearly 2,000 respondents offered a resounding ďNoĒ to the question: ďDo you REALLY believe organizations care about your private data and keeping it safe and secure?Ē
While always in the news, the issue of information security has taken on greater urgency in recent months, due in part to a rash of high-profile data breaches. Brand-name retailer Target is still reeling from a series of revelations about the theft of confidential information late last year, with private data on some 100 million customers compromised.
Neiman-Marcus, Michaels Stores, Adobe and White Lodging, among others, have also faced data breach issues. Beginning in mid 2013, unauthorized data theft of a different kind began hitting the headlines when it was revealed that Edward Snowden, a low-level contractor with the NSA, was using his access privileges to illegally obtain huge amounts of classified information on government programs.
This survey reveals the extent of the publicís unease with the level of data protection they want or expect. Most large organizations claim to have ironclad security measures in place, guided by strict industry guidelines and compliance mandates. Yet, as the poll results demonstrate, most consumers donít have the confidence needed to ensure smooth business operations.
ďA survey like this is basically a snapshot in time, not a full measure of public opinion, but the high level of distrust is still breathtaking,Ē said Eric Chiu, president of HyTrust. ďMany organizations maintain that theyíre doing everything they can to protect private customer information, but the public at large believes otherwise. And in industries where data security is vitalóretail, financial services and healthcare, for exampleóthis lack of confidence will inevitably have a negative impact on the bottom line.Ē
Concerns about security are also being heightened by the ongoing mass-migration to cloud computing and virtualized infrastructures. While offering significant benefits ranging from far greater flexibility and scalability to cost reductions, there are also persistent questions about data security and privacy. The concentration of systems, networks and data naturally carries with it a concentration of risk.
There have already been numerous cases of data theft and system crashes, in part because of the wide level of access granted to enable routine business operations. In fact, many of the major problems that have emerged recently stemmed from inside the organization, or by privilege hijacking or stolen credentials, and once the bad guys gain access this way, they look exactly the same as the good guys.