Intellectual property theft spreading fast

One-third of US enterprises recently surveyed admitted losing sensitive data in the past 12 months, while another 11 per cent were 'unsure' whether a breach had occurred.

Research conducted by the Enterprise Strategy Group for information monitoring firm Reconnex noted that intellectual property protection goes beyond securing private records.

Fear of intellectual property theft has become such a priority that 90 per cent of companies plan to deploy new technologies to secure their information in the next 12 months.

The "epicentre of risk" continues to be insiders who are negligent or act with malicious intent. Some 58 per cent of firms believe that the biggest threat to their data is from malicious or negligent insiders.

While the physical loss of laptops and USB devices, and the data they contain, remains a concern, this represents only a portion of total risk.

The research found that many organisations believe that intellectual property is likely to leak via traffic on the network such as email or the web.

Ironically, there are still some organisations that do not inspect such obvious and well documented leak points as webmail and instant messages.

The research found that one third of companies' sensitive data and intellectual property exists in application databases where it can be secured and managed centrally.

An additional 28 per cent resides in file system. This is contrary to past reports indicating that email is the number one source of confidential data leakage.

About 70 per cent of organisations review their data protection policies on a quarterly or monthly basis.

"Intellectual property permeates even the furthest corners of the corporate network," said Eric Ogren, security analyst with the Enterprise Strategy Group.

"Security teams using manual procedures to protect the business against this leakage face a challenge finding cost-effective approaches to discover, classify and protect intellectual property.

"The overwhelming risk of insider abuse, and the expense of manual procedures, screams out for technology administered by an independent security/audit staff."