Findings from a recent poll conducted by Protegrity Corporation, a technology innovator for data security management, show that 52 percent of companies see database security as the top priority. However, to date, 72 percent of companies have spent security budgets on perimeter security and only 7 percent of responding companies have invested in database security.
"This disconnect demonstrates the dangerous vulnerability of sensitive information in most companies," said Gordon Rapkin, president and CEO of Protegrity. "Companies have traditionally focused investments on network security and firewalls in response to outside security threats. However, they have spent very few dollars on or devoted significant attention to securing their databases, which typically house millions of customer and other confidential records. This leaves databases unprotected to security threats, including those inside the firewall such as employees, partners, or suppliers."
According to the poll, over 75 percent of respondents cite regulatory compliance or liability as the main driver behind current security initiatives. Regulations such as HIPAA, the Gramm-Leach-Bliley Act, Sarbanes-Oxley, Visa's Cardholder Information Security Program, Master Card's Site Data Program, and California State Bill 1386 have recently been implemented in order to protect personally identifiable consumer information from misuse and ensure information integrity. By defining reasonable security standards, these regulations also increase the risk of liability lawsuits for companies not adopting best-practice security precautions.