A perfect storm is brewing on the data security front, and it’s setting businesses up for a tidal wave of data breaches that may make today’s flood seem like a trickle.
A key contributor is the ongoing explosion in the world’s data stores. The volume of digital business information is now doubling every 14 months. There will be 10.5 zettabytes of data in corporate repositories around the world by 2020. That’s nearly 12 trillion gigabytes – enough to store 20 billion years of music – representing 30 times more documents, spreadsheets and everything else in the data stream than in 2010. Big Data and the metadata required to analyze it are adding to the overload.
At the same time, according to IDC, the proportion of data requiring protection is growing faster than the digital universe itself. And that’s a major cause for alarm.
Even today, IDC studies say, only about half the information that needs protection has been appropriately secured. By 2020, the amount of unprotected data is expected to surge by a factor of 26. That means more opportunity for data compromise, intellectual property loss, regulatory compliance violations, business disruptions, public relations troubles, and all the other tangible and intangible costs that go along with the mayhem of a data breach.
Then there are other digital storm clouds that have been gathering over the past few years. There’s the radical shift to mobile computing, putting more data on devices that can be easily stolen or lost. There’s the rampant increase in data sharing across companies and supply chains, drilling ever more holes in the information dike.
And there’s the chilling fact that nearly 30% of corporate data already resides exclusively on laptops, tablets and smartphones – most with no backup or other safety net like encryption, remote deactivation, or the ability to selectively delete data on user-owned devices to prevent departing employees from taking corporate data with them. (According to a Carnegie Mellon University study, more than 70% of IP theft cases committed by internal personnel occur within 30 days of an employee’s resignation.)
No one wants to lose business momentum, competitive advantage, remediation costs, regulatory respect, or the trust of customers and the public over a hack, a lost laptop or a stolen tablet. Given the building blizzard of threats to digital security, enterprises need to step up their data protection game or risk a data breach that puts them in the growing Hall of Shame occupied by even by highly regarded companies like Sony and Zappos.
If you haven’t yet recalibrated your security strategy to address these threats, now’s the time. Many companies have been ambushed by failing to keep security policies up to date. As they say, forewarned is forearmed.