July 28th 2020 – By Anna Cotton

Data Disparity

Originally published in Professional Security Magazine

There’s a disparity between C-Suite executives and their IT teams when it comes to visibility of their data and its security, according to a survey by a data discovery software company.

A UK survey of 500 IT professionals found that eight out of ten (84 per cent) C-Suite executives believe their organisation is continually able to identify the dark data it holds. However, half (49pc) of data managers agree that their organisation is able to locate this information. This suggests that C-Suite executives may overestimate their ability to identify dark data, or that their teams do not yet feel equipped with the tools to do so, Exonar suggests.

Dark data is defined by the market research firm Gartner as information that organisations collect, process and store during regular business activities, but generally fail to use for other purposes. Dark data is primarily unstructured data – including documents and information which has been shared and stored in email inboxes, Word documents, Excel spreadsheets and cloud storage drives, and can pose a security risk if it contains sensitive information.

Danny Reeves, CEO of Exonar said: “Every organisation is storing dark data. This poses a risk, because you can’t secure what you don’t know you’ve got. Confusion between teams over their ability to find and analyse dark data is understandable, because so few organisations truly know what data they’ve got and where it is stored. We hope that by identifying this disparity we can help organisations to address it.”

Despite this disparity, the security risks posed by dark data haven’t gone unnoticed by businesses – with two-thirds (65pc) of respondents in the research saying it poses a high risk to their organisation. However, there is evidence of a further disconnect as only about a third (39pc) of businesses are taking active steps to gain visibility of their data.

Similarly, there is disagreement on how much data security in general is being prioritised within businesses – with a third (32pc) of business owners believing their organisation is as focused on securing their data as on cyber-security, compared to just 8pc of IT managers.

Reeves added: “Data is a business’s most valuable asset, yet a considerable amount are unable to identify what data they hold. Advances in data discovery means organisations can now find and reveal both structured and unstructured data at scale right across the estate. This is the only way to understand the breadth and depth of information existing within a company. Once you know your data, you can protect and power your organisation and the people it serves by both mitigating the risks in the data and also using it in positive and proactive ways to drive the business forward.”