Over half of businesses have suffered a data breach

Image Credit: Shutterstock

IT professionals are still struggling to secure their organizations according to new research from McAfee which revealed that 61 percent have experienced a data breach at their current employer.

The firm's new Grand Theft Data II – The Drivers and Shifting State of Data Breaches report surveyed IT professionals from Australia, Canada, France, Germany, India, Singapore, the US and the UK across a wide range of industries to learn more about today's security landscape.

The report found that data breaches are also becoming more serious as cybercriminals continue to target intellectual property putting the reputation of company's brands at risk and increasing their financial liability.

McAfee's study shows the need for a cybersecurity strategy that includes implementing security solutions combined with employee training and an overall culture of security throughout the organization to reduce future breaches.

Severity of data breaches

The report also revealed that data is now being stolen using a wider range of methods with no single technique dominating the industry. Database leaks, cloud applications and removable USB drivers were the top vectors used to exfiltrate data.

McAfee found that personally identifiable information (PII) and intellectual property (IP) are now tied as the data categories with the highest potential impact to 43 percent of respondents. PII is of greater concern in Europe (49%) due to the recent enforcement date of GDPR.

When it came to taking responsibility for a breach, 55 percent of IT professionals believe that c-level executives should lose their job if a breach is serious enough though 61 percent also said that the c-level executives they work with expect more lenient security policies for themselves.

Vice president and chief technical strategist at McAfee, Candace Worley offered advice on how organizations can better protect themselves from data breaches, saying:

“Threats have evolved and will continue to become even more sophisticated. Organisations need to augment security measures by implementing a culture of security and emphasising that all employees are part of an organisation’s security posture, not just the IT team. To stay ahead of threats, it is critical companies provide a holistic approach to improving security process by not only utilising an integrated security solution but also practicing good security hygiene.”