Last week the Ponemon Institute released a study showing that 60 percent of Canadian companies do not believe they are equipped to fight cyber attacks and data theft. On June 24, Ponemon published another study indicating that there is a problem more pressing to IT practitioners than online breaches: not knowing where sensitive and confidential data is located.

Ponemon surveyed 1,587 Global IT and IT security practitioners in over 16 countries and 57 percent of respondents said that the unknown location of sensitive data keeps them up at night. This concern topped hacker attacks at 23 percent and malicious employees at 6 percent. In fact, a majority of the organizations are in the dark, with only 16 percent knowing where all their sensitive structured data is located and an even smaller 7 percent knowing where all sensitive unstructured data resides.


BYOD: protect the information, not the device

Don’t Ask, Don’t Entail: Watch out for new workplace data privacy laws

A step-by-step guide to addressing corporate data privacy and security (Part 3)


Dr. Larry Ponemon, the chairman and founder of Ponemon Institute, states, “The majority of respondents agree that not knowing the location of data poses a serious security threat. Clearly, the time is ripe for a wider adoption of the technologies and expertise to make data-centric security an enterprise priority.”

According to the study, automated sensitive data-discovery solutions can help reduce risk and increase security effectiveness. Almost 70 percent of the respondents believe that automated data discovery would be beneficial.

Automated solutions that can find the location of sensitive data such as Secure@Source by Informatica are recommended. Amit Walia, senior vice president and general manager at Application ILM, Informatica, says, “Informatica Secure@Source will deliver on that need, helping to eliminate what organizations around the world recognize as a severe security exposure. In a giant step for data-centric security, Secure@Source will help companies visualize risk by means of a ‘data risk heat map,’ intelligently monitor data usage patterns and protect sensitive data based on a customer-defined risk index.”