Dasera Report Analyzes Data Risk Management

Dasera, a data security posture management (DSPM) company, published The State of Data Risk Management 2024 report. This survey unveiled a “significant” disconnect between perceived and actual data security, with 63 percent of organizations believing their security measures are effective despite a record-breaking number of data breaches in the last year.

“How organizations handle and manage personal and sensitive data is under increased scrutiny and tightening standards,” said Dasera co-founder and CEO, Ani Chaudhuri. “Despite this, our report found that many organizations overestimate their security measures, leading to significant corporate risks like reputational and financial losses. As attacks become more sophisticated and targeted, organizations must proactively assess and secure their data security posture to close the gap between perceived security strength and the reality of breaches.”

Key findings included:

  • Top four threats were data breaches, ransomware, insider threats and misconfigurations.
  • 72 percent of organizations use audits, in-house legal teams, compliance software and external consultants to ensure compliance.
  • Most organizations view their data security strategy as effective, with 44 percent considering it somewhat effective and 19 percent noting very effective.
  • 27 percent of organizations have implemented data cataloging tools reflecting proactive data management and security measures.
  • 50 percent of data stores are cloud data platforms, signifying substantial cloud service adoption for data management.
  • 60 percent of organizations implemented a role-based access control system, showing the need for structured access management.
  • 38 percent use manual and automated processes to classify sensitive data, showing the importance of accurate data categorization in enhancing security.
  • 58 percent describe their approach as effective, underscoring challenges in enforcing minimal access rights to secure sensitive data.

The survey underscores the importance of adopting integrated and automated data security strategies to address significant challenges. The prevalence of manual, homegrown, often undefined processes – plus a lack of awareness and understanding among executives and departments – highlights the critical need for strategic alignment and automation in data security.

To effectively navigate the complex and evolving data risk landscape, Dasera advises organizations to implement comprehensive discovery and classification, adopt a holistic data governance framework, leverage advanced monitoring and analysis tools, prioritize risk management and compliance, educate and train staff, embrace a zero-trust security model and optimize security investments with scalable solutions.

Dasera surveyed 300+ respondents from various sectors, including education, professional services, IT, government, health and life sciences and financial services.

To download the full report, visit here.