24 Mar 2010:
IBM (NYSE: IBM) and The Ponemon Institute, a privacy and information management research firm, today released results from a survey conducted of 115 C-level business executives in the United Kingdom.* According to the research, 77 percent of C-level executives report that their organization has experienced a data breach at some point, while all respondents disclosed that they have had their data attacked in the last 12 months. Additionally, 76 percent of those surveyed feel that reducing potential security flaws within business-critical applications is the most important aspect of their data protection program.
The survey results indicate C-level executives believe good data protection practices can support important organizational goals such as compliance, reputation management and customer trust. In fact, only a small percentage of the CEOs surveyed, just 18 percent, are very confident that their organization will not suffer a data breach within the next year, and 81 percent of them feel that investing in a security strategy can greatly reduce or mitigate the risk of data loss or theft.
Listen to a podcast with Larry Ponemon, chairman and founder of The Ponemon Institute, and Jack Danahy, security executive with IBM's Rational sofware brand.
These results and others are detailed in "The Business Case for Data Protection: A Study of CEOs and other C-Level Executives in the United Kingdom", one of the first studies conducted to determine what senior executives think about the value of privacy and data protection efforts within their organizations.
“In the face of growing security threats, business leaders are finally recognizing that a strong data protection strategy plays a critical role to their bottom line,” said Dr. Larry Ponemon, chairman and founder, The Ponemon Institute. “Once viewed as purely a technical issue, the responses garnered in our survey highlight a shift in how organizations are treating their investments in security software. Today, C-level executives believe the cost savings from investing in a data protection program is substantially higher than the estimated value of recovering from a breach.”
Further underscoring the impact that a security strategy can have on an organization’s bottom line, survey results indicate that the average cost savings or revenue improvements resulting from data protection initiatives totaled £11 million for organizations.
“We are witnessing C-level executives implement security strategies at a much higher rate than ever before,” said Dr. Daniel Sabbah, general manager, IBM Rational. “The results from this Ponemon Institute study underscore the increased understanding among business leaders around the importance of addressing security defects at the earliest stages possible, before they become too costly to fix and cause irreversible harm and damage to the business.”
Other key findings from the study include:
This research was independently conducted by Ponemon Institute and sponsored by IBM. To access the report, visit: https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=swg-rtl-ponemonrptuk. For additional information, visit: http://www.ibm.com/security/.
About the Ponemon Institute LLC: The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. Visit the Ponemon Institute at www.ponemon.org for more information.
*Visualizations of the Ponemon Institute and IBM study are available via IBM's Many Eyes Research Project. Many Eyes is a service that combines information visualization with social software, enabling collaborative visualization by groups of users. To see the visualizations please follow these links:
|Security and Risk
IBM solutions that help with security, risk management, and compliance
|Services and solutions
Information Management, Lotus, Tivoli, Rational, WebSphere, Open standards, open source