Last year, when Proofpoint released its annual survey, the results showed the recession had a negative effect on security.
Whether or not the economy has improved in 12 months depends on your perspective, but one thing has remained constant -- enterprise security continues to feel an economic pinch. "Outbound Email and Data Loss Prevention in Today's Enterprise, 2010" showed the following results:
In the past 12 months, 21 percent of companies investigated a suspected leak or theft of confidential or proprietary information associated with an employee leaving the company (e.g., through voluntary or involuntary termination).
Fifty-eight percent of respondents say that budget constraints have negatively impacted their organization's ability to protect confidential, proprietary or sensitive information. Fifty-three percent say the same of IT staff reductions in the past 12 months.
As Keith Crossley, director of market development at Proofpoint, told me:
When the budget is flat, there is a real impact on a company's ability to protect data. The money isn't there internally, and when a company has layoffs, there is a greater risk of data loss through ex-employees.
The Catch-22 is that, while companies are trying to save money with cuts in security budgets and layoffs, they've increased their risk of data loss, which could end up costing millions. In 2009, the Ponemon Institute released a report that found the global average of dollars lost in a data breach is $3.4 million, or $142 per record. It was higher in the U.S., at $6.75 million or $204 per record.
It appears that for the enterprise, the decision has to be spend the money now to better protect company information or risk paying a lot later.