Data Breaches Not a Major Concern for Technology Companies

As our reader know, we like to keep our fingers on the pulse of industry studies regarding data breaches. And, a constant theme that we are seeing is that many organizations are either unprepared for a data breach, or don’t view data breaches as being a significant threat.

Along these lines, just today, a professional services firm called BDO announced the results of a study that found that data security and breach prevention ranks low as a risk factor for most big technology companies. Basically, BDO examined the risk factors listed in the fiscal year 2009 10-K SEC filings of the companies, and security risks, natural disasters, wars, conflicts and terrorist attacks were cited by 55 percent of respondents as a risk concern and was 16th on the list, much higher than breaches of technology security, privacy and theft, which was mentioned by 44 percent of the companies, putting it at 23rd on the list.

We find the BDO study, along with the recent Accenture study that found that nearly three-quarters of organizations believe they have adequate policies in place to protect sensitive, personal information, yet more than half have lost sensitive data within the past two years, to be very worrisome. Data breaches are not a new phenomenon and many experts believe that it is “not a matter of if, but when” regarding data breaches. Perhaps the 2010 version of the BDO report will show an increase in concern about data breaches. We can only hope.