Data breaches in France were uncovered in 92% of cases

According to a recent study titled “The 2009 Annual Study: France Enterprise Encryption Trends” and commissioned by PGP Corporation, a global leader in enterprise data protection, 67% of French organizations have been hit by at least one data breach incident within the last year, with 18% having been hit by more than five incidents. The study says that almost all the cases (92%) of the data breaches were not disclosed as there was no legal or regulatory requirement to do so.

The study that polled 414 IT security professionals at enterprises and public sector organizations, shows that 71% of respondents say data protection was a ‘very important’ or ‘important’ part of their risk management strategy, with protecting sensitive or confidential information in motion (transfer) or at rest (storage) their top priority.

Despite the large number of data breach incidents, 71 percent responded that data protection was a ‘very important’ or ‘important’ part of their risk management strategy, with protecting sensitive or confidential information in motion (transfer) or at rest (storage) their top priority. 

“It is very encouraging to see that 71 percent of respondents view data protection as a critical part of their overall risk management plan” said Dr Larry Ponemon, Chairman and founder of The Ponemon Institute. “However, the low percentage of French organizations having an overall encryption strategy in place or using a platform approach to encryption suggests that there are still considerable improvements to be made. The focus for 2010 needs to be on applying a strategic approach to data security across the enterprise.”

Besides, the poll also showed that:

• Only 9% of organizations have an overall encryption plan or strategy that is applied consistently across the entire enterprise
• Encryption is primarily used to comply with privacy or data security regulations (65%) or to limit the brand and reputation damage linked to data breaches (43%)
• 11% of organizations use a platform approach to managing encryption solutions across the enterprise
• 56% of respondents use encryption technology at some level and the remaining 44% are in the process of introducing it
• 71% of organizations have a fully executed or just launched implementation of data archive and e-discovery systems program
• 67% of respondents revealed that they had been hit by at least one data breach in the past 12 months
• A majority of respondents (58%) believe the ability to install a management infrastructure once, and then add additional encryption applications as needed is ‘very important’ or ‘important’
• Encryption solutions are seen as a security priority for 39% of respondents
• 45% of respondents consider loss or theft of confidential or sensitive data one of the major security threats of the next 12 to 24 months