IOUG Study Finds 50% Increase in Reported Data Breaches

Economic pressures are resulting in tighter funding for data security, according to a webinar presented Tuesday by Ian Abramson, IOUG president; Roxana Bradescu, senior director of database security, product marketing, Oracle; and Joe McKendrick, Unisphere Research analyst.

The webinar examined the results of a new IOUG survey conducted by Unisphere Research and sponsored by Oracle, as a follow-up to an IOUG study on the same topic conducted last year. The survey findings are also included in an executive summary report, "The IOUG Data Security 2009: Budget Pressures Lead to Increased Risks."

"One of the things we found in this year's survey is that corporate management has been less focused on data security than they were in the survey a year ago," Unisphere Research analyst Joe McKendrick told the audience. This lack of focus has left enterprise data susceptible to intentional and unintentional breaches, said McKendrick, noting there has been a rise in data breaches or incidents reported by respondents in this year's survey versus the previous year.

"We have to ask the question: Looking at the economic situation and the fires management has had to fight over the past year, is it okay to relax its guard bit on data security? And they may have to actually think twice about that, considering the fact that our survey found a 50% increase in reported data breaches over last year's survey and things aren't getting any better either," McKendrick said.

"There is no shortage of widespread concern over continued threats. More than one of five of our respondents (20%) are concerned about potential data breaches over the next 12 months. We conclude that the threat level in terms of concern about data breaches has not changed over the past year although other factors have changed."

Organizations can address the security issues in the IOUG study despite flat or reduced budgets, according to Bradescu. "The key is really to look at data security holistically and strategically," she said. "When it comes to protecting data there are some key principles. There is prevention, detection and recovery. What we find is that most organizations have done a pretty good job with recovery, and they have in place solutions for high availability and disaster recovery and things like that, but what the survey indicated is that they haven't really put in place a lot of solutions for preventing and detecting security issues, or even just reporting to auditors that everything is under control." Oracle Database 11g provides comprehensive security protections including data encryption and masking, access controls, centralized user and role management, auditing and reporting, enterprise configuration scanning and data change forensics.

The IOUG Enterprise Best Practices SIG will present a session discussing the survey results at Oracle OpenWorld on Sunday, October 11. Find out more about the survey findings, hear reactions from a panel of database security experts and discuss challenges you face when it comes to data security in this interactive session.

To find out more about IOUG sessions at Oracle OpenWorld, go here.