New studies explore importance of data security – and how some companies struggle with it

Two pieces of research have hit CloudTech HQ, both examining how the security of data is perceived – and which data is more private than others.

Information security provider Trustwave, in its ‘Value of Data Report’ published today, aimed to look at which data was most important to the 500 IT decision makers polled across five countries. On average, the per capita value of personally identifiable information (PII) in the US is more than double that of the UK – $1,820 and $843 respectively. The UK ended up having scantest regard for their data, behind Australia ($1,186), Japan ($1.040) and Canada ($1,025) respectively.

What’s more, PII is of greater import than all other types of data – in most sectors, anyway. 47% of respondents cited it as a high priority, compared with intellectual property (27%), payment card data (18%), with corporate email (6%) bringing up the rear. Healthcare and hospitality give the biggest priority to PII data, with average scores of 3.5 and 3.4 out of four respectively, while industrial companies and IT firms rank IP as most important.

Given this around how fiercely protected certain types of data are, findings from Kaspersky in another report released today make for particularly interesting reading. Polling more than 2,000 IT decision makers across Europe in organisations with more than 50 employees, fewer than three in five (55%) of respondents believe companies are looking after their personal data properly.

Almost three quarters (73%) said the security of their private data was important, while 67% admitted they were concerned about their information being hacked. A similar number (64%) said they were worried about how many organisations have access to their personal information.

Again, the UK does not come out in the best light when it comes to data security. Only 56% of IT decision makers trust organisations to keep hold of their data – a meagre number when compared to their equivalents in France (76%), but a little better than Germany (48%).

Both studies cited the importance of the upcoming General Data Protection Regulation (GDPR) – an issue which this publication has covered in chapter and verse – in their findings. “Companies that fail to accurately value their data are unlikely to make the right decisions regarding the level of cyber security investments to protect that data and are those most likely to fall short of regulations, such as the GDPR coming into effect in 2018,” commented Ziv Mador, vice president of security research at Trustwave.

“Businesses should look to the managed security services business model so that they have the confidence that full data risk vigilance is applied to all types of confidential and valuable data by specialists in the industry.”