Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Access ManagementCybersecurity News

More Than One-Third of Companies Can Use Help with Access Control

Generic Image for Cyber Security
January 5, 2015

 A new report from Trustwave reveals many businesses still struggle with information security deficiencies and common security weaknesses that can elevate their risk of data breaches.

Based on a global survey of 476 information technology and security professionals located in more than 50 countries, the 2014 State of Risk Report from Trustwave offers benchmarks by which IT and security professionals can compare their risk stance against their peers. Data from the report can also be used to inform senior leadership about the largest threats they are facing, gaps that need filling and how they can remediate weaknesses and improve their security posture.

Key findings from the 2014 State of Risk Report include:

  • Data is the lifeblood of business: 81 percent of businesses store and process financial data, 71 percent store intellectual property and 47 percent store payment card data.
  • High level executives are only somewhat involved: 45 percent of businesses have board- or senior-level management who take only a partial role in security matters; 9 percent do not partake at all.
  • Sensitive data may be off the radar: 63 percent of businesses do not have a fully mature method to control and track sensitive data, while 19 percent do not have one at all. Additionally less than half (49 percent) fully encrypt stored sensitive data, with 51 percent only partially or not at all.
  • If they're breached, they don't know what to do: 21 percent of businesses do not have incident response procedures in place; 20 percent of businesses do not have a process that enables the reporting of security incidents.
  • They understand legal implications but fail to take action: 60 percent of businesses are fully aware of their legal responsibilities in safeguarding sensitive data, yet 21 percent never perform security awareness training, 23 percent never hold security planning meetings and 24 percent do not have employees that read and sign their businesses' information security policy.
  • They do not know where their valuable data lives: 33 percent of businesses have not commissioned a risk assessment to identify where their valuable data lives and what controls - if any - are in place to protect it.
  • Assumptions about third-party providers' security controls: 58 percent of businesses use third-parties to manage sensitive data, yet almost half (48 percent) do not have a third party management program in place.
  • They lack patch management programs: 58 percent of businesses do not have a fully mature patch management process in place, and 12 percent do not have a patch management process in place at all.

"Business must look at security as a business-as-usual imperative," said Michael Aminzade, vice president of Global Compliance & Risk Services at Trustwave. "Understanding their risk level is the first step. By identifying their largest security shortfalls and rectifying them, businesses can stay ahead of the criminals and decrease their risk of getting breached."

A third-party firm conducted the survey on behalf of Trustwave. The 476 respondents were information technology and security professionals primarily based in the United States, United Kingdom and United Arab Emirates. Respondents were spread across a wide variety of industry sectors, primarily consisting of technology, financial services and business services. Three-quarters of respondents came from small and midsized businesses with up to 1,000 employees.

 To download a complimentary copy of the report, visit: https://www2.trustwave.com/2014-State-of-Risk-Report.html

KEYWORDS: cyber security data breach

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Two people working at laptops with documents

    More than one-third of tech professionals report AI skills shortage

    See More
  • cyber_900

    Experian: More Than a Third of Companies are Unprepared to Respond to a Data Breach

    See More
  • data breach

    Hacker Responsible for Capital One Data Breach Hacked More Than 30 Companies

    See More

Related Products

See More Products
  • GSEC.jpg

    GSEC GIAC Security Essentials Certification All-In-One Exam Guide, 2E

  • CASP.jpg.jpg

    CASP+ CompTIA Advanced Security Practitioner Certification All-In-One Exam Guide...

  • 9781138378339.jpg

    Surveillance, Crime and Social Control

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing