95 per cent of firms would not be sure about a data leak

A report just issued by Websense says that 95 per cent of organisations are not confident they would even be aware of an information leak, if that leak originated from one of their employees.

The research, conducted for the annual E-Crime Congress held recently in London, found that, out of 105 security professionals surveyed, 64 per cent believed their board would be held ultimately responsible should an information leak occur.

Researchers found that internal threats such as data leakage through malicious intent or by accident, continued to be the greatest concern, topping the poll at 59 per cent. In fact, says Websense, there was a 15 per cent increase from last year's survey.

On top of this, 79 per cent said they believed legislation should be in place to curb the data leakage epidemic and ensure greater transparency in the advent of an information breach.

Ross Paul, Websense's international product manager, said that the survey results illustrate that many firms are so busy fire-fighting external security threats that when it comes to information leakage they are failing to address the larger problem.

"A pro-active approach, ensuring the enforcement of well-defined policies to protect sensitive information, is a must from stopping it getting into the wrong hands," he said.

"When data breaches do occur, there is a consensus amongst respondents that legislation should support the need for disclosure. With only five per cent of those surveyed believing that all companies are aware of information leakage incidents, it's time for companies to actively take responsibility in detecting and protecting against this invisible threat," he added...