Research finds lack of visibility over sensitive data
As organizations increasingly turn their attention toward matters of data security, they are likely finding there is significant room for improvement. Technological safeguards such as encryption are important to securing a company's digital ecosystem, but recent research suggests some changes may need to take place at the operational level as well.
One of the most significant cybersecurity risks in 2013 will originate from data that organizations don't know they have, according to Kroll Advisory Solutions. Analysts attributed the difficulty in keeping track of information to the proliferation of mobile devices and cloud technology. Rogue data may come in the form of backup information that was never deleted or archival data that has been around for years. Regardless of the source, it's easy to lose track of where this information is and what risk it poses to an organization. The issue is further complicated by trends like bring-your-own-device, which spreads the rogue information across a number of different platforms.
Part of the problem, according to Kroll, is insufficient resources and expertise. There are simply too many factors that businesses must consider to maintain both security and compliance. Particularly when external threats such as hackers are added to the mix, analysts suggested it may be worthwhile to invest in third-party consulting services and facilitate departmental collaboration to improve computer security defenses.
"If we’ve learned one thing from the changing climate of data security in 2012, it is that 2013 will definitely not be a time to employ the same old tactics,” said Tim Ryan, managing director at Kroll Advisory. "Boards of directors are becoming more engaged on this subject, in part because it deals with corporate risk and also because the regulators are on the lookout. 2013 will require a review of information security governance, identification of information risk and controls, and preparation for the inevitable: a breach of sensitive data, a looming threat for every organization."
The threat is physical, too
With the growing adoption of highly portable devices such as smartphones, the information security arena now extends beyond the digital world. As Business 2 Community contributor Emma Lowell recently highlighted, something as seemingly harmless as losing a cellphone on a train can be a significant business risk in light of BYOD.
When combined with Kroll's data, these risks create a growing need for improved information governance practices, so that businesses gain improved visibility over their data and the security precautions that should be implemented to protect it.