As data breaches are gradually accepted as an artifact of modern corporate life, the drive to protect Personally Identifiable Information (PII) to protect an enterprise's brand reputation has risen.
Earlier this year, HIPAA Journal featured responses by 1,100 senior security executives polled by 451 Research, an information technology research and advisory company, for a comprehensive 2016 data threat report. Respondents were asked about the security incidents they had suffered over the previous 12 months, the measures they had put in place to secure data, their spending intentions for the next 12 months, and what they perceived the biggest data security threats in 2016.
Findings were significant in terms of how executives today are ready to spend more to protect brand reputation and keep Personally Identifiable Information (PII) secure. According to findings of the data theat report, featured by HIPAA Journal:
- 2015 saw numerous major data breaches reported and an increase in the volume of breaches suffered. Unsurprisingly, given the current threat levels, the majority of respondents felt that they were vulnerable to attack during 2016 - 91% reported that they felt more vulnerable to attacks.
- Even though more data breaches have been reported in the past 12 months than in previous years, only 39% of respondents said they had suffered a data breach or failed a compliance audit in the past year.
58% of respondents report they had allocated additional funds to deal with security threats throughout 2016. Those increased funds were going on a variety of security measures, although the area most frequently cited as receiving extra funding was network security (48%).
The biggest driver behind spending increases was reputation and brand protection, which was cited by almost half of respondents. The need to comply with regulations was the second biggest driver.
Respondents were asked about the types of data they are most concerned about protecting. PII ranked highest, with financial information in second place, followed by classified information in third.
According to the report, it is a common refrain that an enterprise cannot secure what it does not know about - and knowing where sensitive data is located has been trumpeted as a necessary starting point for any comprehensive data security program.
Read Also: 5 Steps to Protect Sensitive PII Information
Managing Personally Identifiable Information
As the growth of cloud computing and big data continues to lead to an explosion of both structured and unstructured data that is more distributed than ever, there has been a corresponding interest in tools for performing data discovery and classification. With all of this, protecting brand reputation and keeping PII secure is paramount. When it comes to protecting PII, executives today feel the escalating command of regulatory compliance exerting its influence.
Organizations want to keep their brand reputation clear of PII breach or scandal in today's age of data sovereignty.