New research by Varonis has revealed that only 25% of those companies questioned were able to answer yes to the question: "Are you able to detect when files containing sensitive data are uploaded to a third party cloud service?" Which left a staggering three-quarters of businesses in the dark about the potential for data leakage. It's a growing problem, what with the increasingly widespread availability of public cloud storage such as Dropbox and Google Drive to employees during the last couple of years. The research paper 'Security Incidents and Real-time Alert' also suggests that companies are in the dark about other important security issues. Not least the ability to spot when there has been a data breach.
This 'Red Alert Research Report' was based upon survey data from some 248 information security professionals attending industry events in the UK and US, so the results are about as good a painting of the real-world business IT security landscape as you are going to get. The people being questioned were, after all, those tasked with the job of actually protecting corporate data. Unfortunately, the portrait revealed leaves something of a bad impression. With earlier research showing 67% of data breach incidents taking 'several months' to discover and 70% finding out about them through customers or partners instead of the internal IT department, it's perhaps a little sad to now discover only 6% have implemented any kind of automated breach detection and notification system. Especially when previous research suggests that basic detective and preventative control systems could have stopped a great many breaches in their tracks.
DaniWeb spoke to Andy Green, Technical Content Specialist at Varonis, who said: "Our Red Alert Data Breach survey shows that companies have a long way to go in detecting breaches that have slipped through front line safeguards. Only 6% of our sample had fully automated capabilities to monitor privilege escalations, unusual data access patterns and file access changes, and suspicious email. The good news is that breach detection and monitoring controls are finally receiving validation from security experts. For example, the Federal government has recently called for "continuous monitoring" as a key part of its new cyber security program for the nation's critical infrastructure. The bottom line is that IT departments should also be putting more resources into incident response and risk mitigation as part of their security efforts."
Certainly, from speaking to IT security professionals about overall security strategies during the last year or so, one point has been cropping up again and again in our conversations and that is how real-time monitoring of activity and an ability to alert the relevant IT guys about suspicious behaviour, is fast becoming non-optional for any organisation which actually wants an effective data security strategy in order to take the bad guys on with.