App and database protection ‘most effective approach’

Data security

The most effective way to prevent data breaches is to protect applications and databases with the right technology, while sticking with tried and tested methods.

This was the finding of an Imperva survey of more than 1,000 security professionals, which discovered web application firewalls, network data loss prevention, full drive encryption, server hardening and endpoint data loss prevention were the most popular technologies for reducing breaches.

"What we see is that organisations keep investing in more and more security technologies," Imperva chief technology officer Amichai Shulman told IT PRO.

"I think we are seeing organisations using more and more security controls, putting more layers of security in, not just relying on infrastructure security, but adding more data-related security controls."

In the report, the single most prevalent motivation for carrying out data protection initiatives was simply to improve security, Shulman explained.

Compliance was also found to be a key driver, with 88 per cent of respondents saying the Payment Card Industry Data Security Standard was the main motivator for deploying programmes.

Warning signs

Although the research, which was carried out by analyst firm Securosis, indicated companies are taking security more seriously, there were also some more worrying results.

Almost two-thirds of respondents said their organisations were either unsure if they had been hit by a data breach, or claimed they hadn't been affected at all.

"For me, if they don't know or claim they had no incident, it is basically the same. It shows that they really don't know," Shulman added.

"It clearly shows that they don't have the security controls in place even to be aware of data breaches."

Another concerning sign is that malicious intentions were behind 62 per cent of breaches at respondents' firms, 33 per cent from insiders and 29 per cent from outside hackers. The rest were accidental.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.