Businesses unable to handle all their data: Gemalto

Two in three companies are collecting more data than they are able to analyse, according to new research from Gemalto.

In addition, the study reveals that only half (54%) of companies know where all of their sensitive data is stored. Compounding this uncertainty, more than two-thirds of organisations (68%) admit they do not carry out all the procedures in line with data protection laws such as GDPR.

These are just some of the findings of the fifth-annual Data Security Confidence Index, which surveyed 1050 IT decision-makers and 10,500 consumers worldwide. The research found that businesses’ ability to analyse the data they collect varies worldwide with India (55%) and Australia (47%) best at using the data they collect. In fact, despite nine in 10 global organisations agreeing that analysing data effectively gives them a competitive edge, only one in five Benelux and British companies are able to do so.

The global survey, including 100 Australian IT decision-makers and 1000 Australian consumers, found nine out of ten Australian consumers consider it important for organisations to comply with security regulations when it comes to securing their data.

Despite this, 92% of Australian organisations report they find it difficult to remain compliant with new data regulations. Consumers’ concerns aren’t unfounded, however, given only one-fifth of Australian organisations carry out all procedures in line with data protection laws, and one-third of organisations had their perimeter security system breached in the past year.

With recent data breaches like PageUp and Ticketmaster grabbing consumer attention as organisations grapple with NDB and GDPR, Australian organisations must ensure they are meeting regulations in order to give confidence to their consumers; only half of Australian consumers trust organisations to store and manage their personal data.

Other key local findings include:

• 91% of Australian consumers think organisations should be encrypting their data, while only 9% actually have a complete understanding of what encryption does.
• 45% of Australian organisations report that their entire network can be accessed by unauthorised users.
• Just half of Australian organisations currently have policies and procedures in place for how sensitive information should be protected in line with government legislation, compared with 60% globally.
   

“If businesses can’t analyse all of the data they collect, they can’t understand the value of it — and that means they won’t know how to apply the appropriate security controls to that data,” said Jason Hart, Vice President and CTO for Data Protection at Gemalto.

“Whether it’s selling it on the dark web, manipulating it for financial gain or to damage reputations, unsecured data is a goldmine for hackers. You only need to look at the recent hacks on the World Anti-Doping Agency and International Luge Federation to see the damage that can be done. What’s more, data manipulation can take years to discover, and with data informing everything from business strategy to sales and product development, its value and integrity cannot be underestimated.”

When it comes to how data is being secured, the study found that 48% of IT professionals say perimeter security is effective at keeping unauthorised users out of their networks. This is despite the majority of IT professionals (68%) believing unauthorised users can access their corporate networks, with Australian companies being the most likely (84%) and the UK the least (46%). However, once the hackers are inside, less than half of companies (43%) are extremely confident that their data would be secure. UK businesses are the most concerned with just 24% prepared to say they’re extremely confident, with Australia the highest (65%).

Even though there is still faith in how they’re securing their networks, one-third of companies reported that their perimeter security had been breached in the past 12 months. Of those that had suffered a breach at some point, only 10% of that compromised data was protected by encryption, leaving the rest exposed.

Image credit: ©stock.adobe.com/au/Péter Mács

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.