Breaches and leaks of sensitive information from organizations doubled last year, even as consumer concerns over data privacy surged, according to two new reports published on Data Protection Day.
January 28 marks the signing in 1981 of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Also known as Data Privacy Day in North America, it is now an awareness raising event aimed at organizations and consumers alike.
However, new research from Imperva warned today that unauthorized transmissions of data from organizations’ networks to external destinations had soared 93% in 2020.
The security vendor detected 883,865 such incidents at the start of the year, rising to 1.7 million by the end of December, and argued the figure would be even higher if loss of data via physical devices, print-outs and the like were included.
“Data security should never be an afterthought – but sadly it often is, particularly when organizations prioritize speed over security. The rush to maintain business continuity in 2020 has accelerated change at such a pace that huge gaps now exist in process and protection around data,” said Chris Waynforth, AVP Northern Europe at Imperva.
“It is naïve to think that it is only human access to data that leads to compromise. Over 50% of access requests to databases are coming not from users, but application to application.”
The risk of major regulatory fines should be making this a board-level issue, the vendor added.
Imperva urged organizations to follow several key steps to better protect their data, starting with discovery and classification, and moving on to access controls, continuous monitoring and quarantining in the event of an attack.
Data minimization should be front-of-mind throughout, as information continues to disperse across complex multi- and hybrid cloud environments, the firm argued.
However, consumers also have a big part to play in keeping their information out of harm’s way. Some 77% told Entrust they are concerned about data privacy, and 64% said their awareness about the issue has increased over the past 12 months.
At the same time, though, many (63%) were wiling to hand over more information to applications in return for greater personalization. Nearly half (47%) said they don’t review the T&Cs of an app before downloading, with most claiming it was because these take too long to read.