The risk of data leaks and security breaches are a growing threat in the enterprise, but many companies are doing nothing about it at all. According to a recently released report from Osterman Research and DB Networks, 47% of respondents said their organization had no one overseeing database security.
The report, titled Identifying Critical Gaps in Database Security, was released on April 20, 2016, and its results were compiled from survey answers given from 209 members who were qualified as having general knowledge of databases and database security in their organization. The mean number of employees at the represented organizations was 22,142.
SEE: Information security policy template (Tech Pro Research)
The report looked into many aspects of data and database security, but a big theme was visibility. In addition to many of the organizations not having a team or individual to oversee database security, less than two-thirds of those surveyed (61%) had tools and controls that would even allow them to monitor their databases in real time. This presents an added security threat in that hackers potentially have more time to dwell before the organization is alerted to their presence.
According to the research, only 19% of respondents categorized their data and database visibility as "excellent." The largest response group, 63%, labeled their visibility as "good." Additionally, 16% said they had "limited" visibility and 2% said they had "little or no visibility."
Visibility is not just understanding where your data is located, it also has to do with how it is accessed. A majority of the respondents (59%) didn't have a high degree of certainty about which of their users, clients, or applications were accessing their databases. Also, 46% didn't have a high degree of certainty about whether or not their restricted processing segments were properly segmented.
So, what were the biggest concerns when it came to databases? The answers broke down like this:
- Compromised credentials - 50%
- Experiencing a serious data breach - 48%
- An inability to identify breaches until it's too late - 47%
- A compromised/abused credential used to breach any of our critical databases - 44%
- The dwell time of infiltrations into our network - 31%
With "compromised credential" as the biggest concern, one would think that it would become a high priority in these enterprises. Still, only 61% said they had detection tools in place to note a breach from abused or compromised credentials, and only 62% said that they were able to monitor their databases in real time. With that being said, only 21% claimed they could discover a breach from compromised credentials almost immediate. An additional 34% said it would take them a day, 18% could get it done in a week, and the remainder took a month or longer to find out.
With this being said, more companies are paying attention to database security. Over the next 12 months, emphasis on database security is projected to increase from 40% to 54%.
"Identifying compromised database credentials and insider threats will likely receive far more investment in the future," said Michael Osterman, president of Osterman Research. "And it is likely that the actual rate of successful infiltrations or other leakage events may be higher than discussed in this report due to inadequate organizational systems for tracking successful threats."
Still, as it stands, even though many respondents acknowledged the weight of potential security breaches, a small percentage were committing to regular assessments.
Visibility is important because it helps an organization know its data, said Forrester analyst Heidi Shey. It becomes the foundation of your data security and privacy efforts.
"If you have visibility into what sensitive data you have and where it is, you can make smarter decisions about data security controls like encryption, data masking, tokenization, and more. You can evaluate the risks vs rewards of having and using certain types of data, identify usage patterns for sensitive data (and thus be able to spot when there is suspicious activity)."
The 3 big takeaways for TechRepublic readers
- A recent study by Osterman Research and DB Networks found that almost half of enterprise organizations had no employees in charge of looking over database security, and only 19% had excellent visibility of their data assets.
- Compromised credentials were the biggest concern to respondents, but only 61% had the tools to check for that threat and 62% had the ability to actually monitor in real time.
- Proper visibility should not be taken for granted by enterprise leaders, as it can help you make better decisions about your data security and be more aware of potential threats.
- US businesses: Start preparing for the EU's new privacy regulation (TechRepublic)
- US government weaker on cybersecurity than any other major industry (ZDNet)
- IoT and health data: 6 security best practices (TechRepublic)
- The best cyberdefence: Think like an attacker (ZDNet)
- No. 1 thing IT departments can learn from the Panama Papers hack (TechRepublic)
Conner Forrest has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.