According to new research, 77% of C-level executives report that their organisation has experienced a data breach at some point, while all respondents disclosed that they have had their data attacked in the last 12 months. Additionally, 76% of those surveyed feel that reducing potential security flaws within business-critical applications is the most important aspect of their data protection programme.
These are some of the findings of a survey of 115 C-level business executives in the UK, conducted by IBM and The Ponemon Institute, a privacy and information management research firm.
The survey results indicate C-level executives believe good data protection practices can support important organisational goals such as compliance, reputation management and customer trust. In fact, only a small percentage of the CEOs surveyed, just 18%, are very confident that their organization will not suffer a data breach within the next year, and 81% of them feel that investing in a security strategy can greatly reduce or mitigate the risk of data loss or theft.
"The Business Case for Data Protection: A Study of CEOs and other C-Level Executives in the United Kingdom" is one of the first studies conducted to determine what senior executives think about the value of privacy and data protection efforts within their organisations.
“In the face of growing security threats, business leaders are finally recognizing that a strong data protection strategy plays a critical role to their bottom line,” says Dr Larry Ponemon, chairman and founder of The Ponemon Institute. “Once viewed as purely a technical issue, the responses garnered in our survey highlight a shift in how organisations are treating their investments in security software. Today, C-level executives believe the cost savings from investing in a data protection program is substantially higher than the estimated value of recovering from a breach.”
Further underscoring the impact that a security strategy can have on an organization’s bottom line, survey results indicate that the average cost savings or revenue improvements resulting from data protection initiatives totaled £11-million for organisations.
“We are witnessing C-level executives implement security strategies at a much higher rate than ever before,” says Dr Daniel Sabbah, GM of IBM Rational. “The results from this Ponemon Institute study underscore the increased understanding among business leaders around the importance of addressing security defects at the earliest stages possible, before they become too costly to fix and cause irreversible harm and damage to the business.”
Other key findings from the study include:
* Executives in this study estimated the average data breach cost per compromised record is £112, while CEOs estimated it to be £143 per compromised record;
* 75% of respondents report that one person is considered to be in charge of data protection for their organisation, and that person is considered by most to be the CIO, especially by the CEO.
* 51% of C-level executives believe the purpose of data protection programmes is to increase brand or marketplace image.
* 34% of C-level executives perceive that the frequency of security attacks happens on an hourly basis.