Most Enterprises Unprepared for Breaches, Study Finds


Coming off the heels of a report that data breaches are costlier now than ever before is another concerning research finding: Most companies admit they’re unprepared to deal with a breach.

A study published May 5 by the Ponemon Institute found that malicious incursions are taking an unprecedented monetary toll on impacted enterprises. In the United States, where these attacks are most pervasive, the cost is also the highest: An average of $246 per compromised record.

With facts like those circulating the Web and news of cyberattacks cropping up left and right, one would think that companies would make quick work of bolstering their enterprise security against potential intrusions. But that does not seem to be the case.

Separate Ponemon Survey Finds Business Preparedness Lacking
Another survey carried out by Ponemon, and sponsored by Websense, found that despite the overwhelmingly threatening presence of issues like malware circulating every facet of the business sphere, most operations are simply unprepared when it comes to battling a data breach.

This revelation comes from company IT department staffers themselves, 63 percent of whom told Ponemon that their companies do not have the enterprise security in place to prevent data from being stolen by criminals in the event of an outside intrusion.

Of those surveyed, 59 percent also admitted that their limited knowledge of cyberattacks prevents them from knowing if attempted incursions are being carried out, and what the impact of those might be. According to Websense CEO John McCormack, the results from the survey illustrate a need for companies to carry out better safeguarding measures.

“This global security report shows that the cybersecurity industry still has more work to do when it comes to addressing cyberattacks,” he said, according to InfoSecurity Magazine. “Security professionals need effective security measures and heightened security intelligence to keep organizations safe from advanced attacks and data loss.”

One integral part of any company security system is a robust authentication wall. Without one, businesses place themselves at constant risk of an unwanted third party breaching his or her way into the company system.

And yet not only do most businesses not seem to have such strong authentication measures in place, but many are also vastly unprepared for what happens even after a breach is no longer active. As 35 percent of breached respondents admitted, they did not even a clear picture of what had been stolen in the attack on their company. Being attacked is more than a minor embarrassment, but being unable to say what information was stolen is nothing short of a major problem.

Companies Must Be More Upfront About Their Security Practices
It is unlikely that the consumer public will greet this survey’s findings with warmth or understanding. To learn that the majority of businesses are unprepared for attack is to fuel the anxiety of a customer base already wary of personal information loss.

It’s not hard to imagine a near future where a business’s enterprise security is as important to prospective customers as their discount specials. Ten years ago, whether or not a company had strong identity protection in place likely mattered very little to the average consumer.

But that was before a run of many high-profile breaches in the last two years, and before a sense of unease began creeping into every credit card swipe. Everywhere they turn, people are being told their private information is not safe.

Therefore, the rigor with which businesses defend themselves against attacks will likely emerge as a deciding factor in whether or not customers choose to shop there. For the 63 percent of Ponemon respondents unprepared for a breach, this could spell the end of business.

Ten years ago, company authentication strategies did not make headlines. But 10 years from now, only the well-guarded may still be around.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.


Add to the Conversation