77% of IT Managers Express Concerns on a Possible Data Breach in the Future

Recent research done by global data and analytics solution provider Adastra reveals that 77% of IT managers throughout the United States and Canada believe their companies might be facing a data breach within the next three years.

Data security is seen as the biggest area of change for companies in 2023 as they continue to focus on strengthening their cybersecurity measures. According to the survey, as many as 68% of managers reported that their companies currently have a cybersecurity division, while an additional 18% said that their companies are in the process of creating one. Only a small percentage (6%) said that their companies do not have a cybersecurity division.

“The increase in data breach incidents across North America is troubling and must be prioritized as employees continue to return in-person to their corporate offices. During the pandemic many employees were hired virtually and, in combination with long absences from offices, introductions to and re-familiarization with security protocols will be critical,” said Kuljit Chahal, Practice Lead, Data Security at Adastra North America.

It is crucial for employees to have a good understanding of the best data security practices, as 82% of data breaches occur due to mistakes made by humans, according to the 2022 Verizon Data Breach Investigations Report.

“In our role as data security experts, we have found that some companies, especially smaller ones, can be lulled into a false sense of security believing that perpetrators will not bother with them­—this is absolutely not the case. The results of this survey should serve as a reminder that companies of all sizes must invest in data security protection, resources and education, particularly as we return to in-office activities,” added Chahal.

Small and medium-sized companies are particularly at risk of data breaches, with 41% of all breaches occurring in companies with less than 250 employees, according to Statistics Canada. The financial impact of a data breach on a business can be significant, with Canadian businesses collectively spending $600 million to recover from breaches in 2021. This cost is often much higher than the cost of an audit from a data security firm, which can help prevent such breaches from happening in the future.

5 Data Security Improvements To Take Into Account:

1. Insider threats

Many data breaches aren't caused by intentional malicious actions but by employees accidentally mishandling or disclosing sensitive information. To prevent this, employees should receive training on cyber security and stay informed of the latest threats. By regularly testing employees, they are more likely to recognize and avoid malicious attempts to obtain sensitive information through email or text messaging.

2. Latest security features

Most data breaches happen when a known vulnerability is exploited. To prevent this, companies need to establish a vulnerability management program that routinely scans their software assets and applies necessary updates and patches.

3. Know your inventory

Organizations should have a complete inventory of all software, hardware, and data assets to establish control over the assets that have access to the corporate environment. This inventory should be part of the overall vulnerability management program, which helps ensure that all assets are kept up to date, including operating systems and software. Also, a data inventory or catalog allows for security controls, such as encryption, access restrictions, and monitoring, to be applied to the most sensitive data.

4. Delete redundant data

Minimizing risk starts with reducing the amount of data., as the data that is stored in various locations may not be equally protected in each environment. By identifying which data is necessary and what can be archived, companies can manage and secure their data assets better.

5. Data back-ups

Having a strong data backup plan is crucial for organizations to recover quickly in case of an incident. The frequency of the data backup will depend on the level of risk the organization is willing to accept.

For more information on data security improvements, visit Adastra's website.