Many believe all their sensitive data to be secure despite not knowing where it is.
The vast majority of IT professionals believe that perimeter security is effective at keeping out unauthorised users.
Despite nearly 1.4 billion data records being lost and stolen in 2016, a staggering 94% of IT decision makers think that perimeter security is keeping them safe. However, 65% are not extremely confident that their data would be protected should the perimeter be breached, down from 69% in the previous year.
Despite this, the research from Gemalto found that 59% believe all their sensitive data is secure.
Given that almost half of UK businesses are reported to not have a formal cyber security strategy implemented, according to an IoD report, this should be seen as an extremely worrying set of beliefs.
The findings of the fourth-annual Data Security Confidence Index by Gemalto also found that companies are under investing in technology that adequately protects their business, perhaps unsurprisingly given that the majority feel that perimeter security is the bees knees.
The report did find that 76% of organisations had increased investment in perimeter security technologies such as firewalls, IDPS, antivirus, content filtering, and anomaly detection to protect against external attacks, however, two third (68%) believe that unauthorised users could access their network, thus rendering their perimeter security ineffective.
The Gemalto report suggests that there is a lack of confidence in the solutions being used, especially given that 28% of organisations have suffered perimeter security breaches in the past 12 months, an extremely concerning issue when paired with the finding that, on average, only 8% of data breached was encrypted.
“It is clear that there is a divide between organisations’ perceptions of the effectiveness of perimeter security and the reality,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto.
“By believing that their data is already secure, businesses are failing to prioritise the measures necessary to protect their data. Businesses need to be aware that hackers are after a company’s most valuable asset – data. It’s important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so.”
The issues highlighted are further compounded by the finding that 55% don’t know where their sensitive data is stored, and 32% don’t encrypt valuable information such as payment or customer (35%) data.
This all paints a very sorry picture of the state of cyber security of businesses around the world.
The research is based on 1,050 IT decision makers worldwide.