Skip to main content

Do businesses really know how much their data is worth?

(Image credit: Image source: Shutterstock/Carlos Amarillo)

DocAuthority's new report states that IT security departments are incorrectly estimating the value of business information they have in their possession. This leads to poor investment into the availability, protection and security of the data that is commercially most valuable.

The report is based on a poll of 2,827 IT professionals in the UK and the US. Asked to estimate how much money different types of data are worth, the poll uncovered that the majority was undervalued, including research and development, as well as financial reports. On the other hand, personally identifiable data (PII), which was less sensitive, was highly prioritised.

DocAuthority says this increases the chances of a data breach, the mishandling of access rights for employees, and the application of incorrect levels of security.

R&D documents were undervalued by 50 per cent. The respondents also underestimated the cost of financial report leaks. On the other hand, monthly salary lists were overpriced.

"Typically, the security and protection of business data is considered to be the responsibility of the IT Security department. Yet it’s clear from this research that IT Security does not have the vitally-important context required to understand the true value of that data, and in turn create an effective strategy for defending it,” says Doctor Larry Ponemon, Chairman and Founder of the Ponemon Institute. “Rather than being relegated to IT, data and its protection should be the concern of not only management level, but the business as a whole.”

Image source: Shutterstock/Carlos Amarillo

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.