infoTECH Feature

November 05, 2015

Data Breaches Approach Coin Flip Levels

Stories of data breaches seem to come out on a regular basis these days, from Ashley Madison to Home Depot and a host of others in between. A new study from IID conducted by the Ponemon Institute shows that this trend is on the rise, and as a result, 47 percent of companies and government organizations have been breached in the last two years.

The survey, titled “Exchanging Cyber Threat Intelligence: There Has to Be a Better Way”, took information from 692 IT and IT security professionals, most of whom represented firms of over 1,000 employees. Almost half, 47 percent, of those surveyed answered ‘yes’ when asked if the firm they represented had seen a material security breach. Perhaps more telling was that 65 percent also answered yes to another question: whether respondents believed that sufficient intelligence about the threat could have either prevented or minimized the attack's fallout. That's up from 61 percent in last year's survey.

It's also increasingly clear that organizations aren't waiting for government mandates on this; 83 percent of those surveyed already exchange information about threats, and 75 percent believe that exchanging threat information improves overall security posture. Sixty-three percent even call such things good for the infrastructure of the United States itself. As for the most important matters in threat intelligence, timeliness is the front-runner. Eighty-nine percent believe that threat intelligence is really only worthwhile for a few hours at a stretch, but in spite of this, 79 percent only check data once a day or even less.

There are even some issues that restrict the flow of threat data; issues of liability are one of the biggest restraints on data, but so too are a lack of trusted sources and resources to develop better threat-sharing material and the like.

Sharing information about threats would seem to be a viable means to protect against such matters, but that's something of a dangerous stance. What constitutes a “threat”? What recourse is there for those who are falsely considered threats yet talked about as though such were actual threats? What happens if those fired from a company for any reason are considered “threats” to the system? Until these points are addressed properly, we're just trading one problem for another, ruining lives in the pursuit of safer systems so other lives won't be ruined.

The IID/Ponemon Institute study's own title puts it best: there has to be a better way. Until that way is found, however, we may all be just a bit less safe from data breaches.




Edited by Kyle Piscioniere