Business Report

Breaches and Security, By the Numbers

A look at how companies try—and fail—to defend themselves against data theft.

How is corporate data being stolen? Attacks often employ multiple methods—but remotely hacking a computer isn’t always one of them. Sometimes employees are involved, and some attackers physically break in. The numbers in the chart below total more than 100 percent because more than one method can be used in an attack.

Source: Verizon’s 2011 Data Breach Investigations Report, which analyzed 761 breaches

Given all the ways data breaches can occur, companies need to employ multiple methods of defense. This chart shows the main steps they are taking. Nearly half, for example, are removing data from the network rather than risk having it stolen. Companies often pursue several protective strategies, which is why the percentages total more than 100.

Source: Survey of more than 1,000 senior IT executives worldwide for Underground Economies, a 2011 report by McAfee and Science Applications International Corporation (SAIC)

As this year’s high-profile data breaches have shown, many organizations’ security measures are not proving resilient enough. This chart shows the 12 most common ways for companies to learn they have been breached.

Source: Verizon’s 2011 Data Breach Investigations Report.

Failing to turn the tide against data breaches is proving costlier each year. This chart shows the percentage of IT operating budgets that companies have been devoting to security.

Source: Forrester Research surveys in 2007, 2008, 2009, and 2010

Uh oh–you've read all five of your free articles for this month.

Insider Online Only

$19.95/yr US PRICE

Next in this Business Report

Securing Data

In June, Business Impact will show why information security isn’t an issue only the IT department needs to worry about. We’ll explore why companies still struggle to secure data—from theft or loss—even after all the attention given to costly data breaches and hacking attacks. We’ll analyze fresh ideas for improving security in the cloud and on mobile devices and explain what smart companies are doing.

You've read of free articles this month.