Deloitte and Ponemon Institute published a survey on privacy and security in the enterprise environment.

I saw a talk given by Deloitte today on the survey and here are some of the highlights I found interesting:

  • Over 85% of respondents reported at least one breach where user notification was required and 63% reported multiple breaches.
  • The most implemented (59.9%) technology solution to privacy and security issues was segregation of duties tools. (Note: This sounds like companies are making use of the RBAC model)
  • Data classification was also high (57.7%) on the list of technology solutions. (Note: This may also be part of RBAC, classifying data into roles as well as people)
  • Encryption is being implemented (55%), but the encryption isn’t being applied to everything, and a significant number of companies fail to adequately protect data both in storage and while in transit.
  • Both privacy and security professionals spend most of their time on incident response, which includes notifying affected users.
  • Female and male security professionals make approximately the same salary.

