Identity Theft

Sensitive Data Protection Still Major Challenge for Enterprises

New report by Piiano details gaps in best practices for enterprise protection of sensitive customer data, especially in PII handling

Piiano, the leading data protection and privacy company co-founded by Gil Dabah and Ariel Shiftan, has released a new research report providing insight into the current state of enterprise privacy postures and preparedness for sensitive data breaches. The findings underscore how Personal Identifiable Information (PII) is not adequately protected, despite being a high-value target for bad actors. It is likely that this lack of emphasis has contributed to the growing number of sensitive data breaches.

Piiano’s research reveals that while at least 76% of participating companies protect PII differently from non-PII data, 54% do not treat PII protection as a high priority. To ensure that the most critical information is protected first and reduce the risk of unauthorized disclosure or exposure of information that can be used to identify an individual, Piiano CEO Gil Dabah advises that prioritizing personally identifiable information, such as social security numbers and bank accounts, is crucial. This approach also helps enterprises allocate resources more effectively and ensure that their privacy protection efforts have the greatest impact.

Piiano’s findings also indicate that although companies understand the importance of protecting customer data, it is still not prioritized as a standalone concern within company operations. This is reflected in the fact that only 24% of participating companies are satisfied with their current protection measures and 80% undertake data protection-related tasks only when linked to a clear business need or request. Moreover, only 48% of respondents indicated that they viewed privacy as a differentiator, lagging behind cybersecurity’s perception as a longtime C-Suite priority. These numbers underscore the tension between increased awareness of privacy needs and a desire for improved privacy tools, while wider organizational buy-in remains elusive.

The fact that 72% do not have high visibility into where they store PII suggests yet another area where companies could benefit from improved privacy solutions, with discovery being the most sought-after feature.

Piiano’s report was based on a comprehensive survey of security and privacy leaders from over seventy different companies, most of which employ over 1,000 people. It investigated the privacy and security best practices these leaders enforce to protect the sensitive information their companies store, collect and use in order to comply with regulations and maintain customer trust. According to Dabah, “while some of our findings demonstrate enterprise security’s embrace of best privacy practices, others, such as those related to PII-handling, are cause for concern, especially in light of recent sensitive data breaches that have caused significant harm to individuals and organizations alike.”

PII leaks are harmful to consumers because they can lead to identity theft, financial fraud and reputational damage to the individuals whose information is stolen. The leak of PII can also have serious consequences for enterprises, including fines, legal liabilities, losses in intellectual property and employee repercussions. Moreover, sensitive data leaks can tarnish an organization’s reputation, damage customer trust and create losses of revenue.

Among the highest tier of best practice is Privacy by Design (PbD), a data protection approach ensuring that privacy is considered and implemented from the earliest stages of a project. However, Piiano’s report shows that only a handful of companies have actually attempted to build their own PbD infrastructure. This is mainly due to the enormous challenges and costs involved in setting it up, including the technical aspects of data processing as well as the organizational, legal and political framework in which data processing takes place. It also requires close collaboration between privacy and security professionals and other stakeholders involved in the design and implementation of information systems. For Dabah, these results only emphasize the importance of solutions that support the PbD process.

According to Dabah privacy professionals should take heed. “Hopefully, our findings will be useful to privacy leaders by providing benchmarks and other important insights for managing privacy risks and ensuring compliance,” he said.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

ForgeRock Appoints Two New Members to Board of Directors

Business Wire

2023 Telesign Trust Index

GlobeNewswire

IDIQ Announces Acquisition of Resident-Link

Business Wire