How Frequent Are Enterprise Data Leaks? Some Corroborating Research

Came across an interesting press release today from DRM/secure document exchange vendor Confidela today that summarizes some findings from a survey of “500 IT professionals and C-level executives” about various document security issues.

Among their findings:

“One in three admitted to having at least one incident when data had leaked.”

While I’m assuming that the Confidela survey doesn’t have quite the same statistical rigor of our own research on data loss events (see Outbound Email and Data Loss Prevention in Today’s Enterprise, 2010), it’s interesting to see that this finding jibes with some of my company’s own data.

Over the past few years, about a third of IT decision makers in large enterprises have consistently told us that their organization was impacted by the theft or exposure of some sort of confidential or proprietary information in the preceding 12 month period.

One area where Confidela’s findings are different is that, among their survey respondents, only 12% reported using a data loss prevention or digital rights management system. I’m guessing that the Confidela survey sample is comprised more of small and medium-sized businesses as our latest research (which surveyed only large organizations—those with 1000 or more employees) finds that for large enterprises, adoption of various technologies that would fall into the rather broad category of “data loss prevention” is closer to 40%.

At any rate, I think we can say with confidence now that across all types of businesses, about 1 in 3 will experience a data loss event in any given one year period.

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Keith Crosley directs corporate communications for Proofpoint. Keith’s job entails the promotion of Proofpoint e-mail security solutions to press, analysts and the enterprise e-mail security market at large. His blog covers a wide variety of e-mail security topics including anti-spam, phishing, identity theft, data breaches and the policy, culture and technology issues that surround e-mail. Previous positions have included director, corporate communications at Elance, senior director, worldwide public relations at BroadVision and director of marketing at As a key spokesperson for Proofpoint and e-mail security evangelist/researcher, he takes part in television and radio appearances. Avocationally and semi-professionally, he is a filmmaker, musician and all-round multimedia enthusiast.