New Kiteworks Report Reveals Significant Risk Maturity Gap

Over half of organizations admit their security and compliance controls for managing sensitive content communications—both internally and externally—are inadequate.

PALO ALTO, Calif., April 19, 2022 (GLOBE NEWSWIRE) — Kiteworks, the leading platform for ensuring regulatory compliance and effectively managing risk with every send, share, receive, and save of sensitive content, found in its “2022 Sensitive Content Communications Privacy and Compliance Report” that more than half of organizations believe they are inadequately protected against third-party security and compliance risks. The report attributes various reasons for this lack of preparedness, including 53% failing to encrypt all sensitive content communications with third parties, 58% lacking content governance controls to measure third-party risk, and nearly 8 out of 10 believing their compliance reports are not completely accurate.

Findings in the Sensitive Content Communications Privacy and Compliance Report are based on a survey of 400 IT, security, privacy, and compliance professionals from numerous industries and 15 different countries around the world. In addition to struggling to manage security and compliance risks efficiently and effectively, respondents indicated they spend significant time on manual tasks related to key management and encryption/decryption, governance controls, and compliance reporting.

“Nation-states and cybercriminals know that confidential, private data holds great value, and studies show that it is increasingly the target of cyberattacks,” said Tim Freestone, Chief Strategy Officer at Kiteworks. “At the same time, regulatory bodies see these trends and have instituted, and continue to do so, standards that help protect sensitive content. This report reveals that many organizations are ill-equipped to deal with the sophistication and volume of today’s cyberattacks as well as the breadth of compliance standards when it comes to sharing and storing sensitive content. This lack of maturity creates significant security and compliance risk exposures.”

In addition to the above findings, notable admissions in the report include:

  • Nearly two-thirds of organizations share and transfer confidential data with more than 1,000 third-party entities, including one-third that do so with over 2,500 third parties.
  • 41% of organizations want to see significant improvement or even a whole new approach to managing sensitive content communications.
  • 59% of organizations cited distributed denial of service (DDoS), malware, and ransomware in their top two concerns for external threats.
  • Only 21% of organizations believe their compliance reports are fully accurate.
  • Almost 8 in 10 organizations spend 20-plus hours compiling audit trails and generating reports.
  • Only 14% of organizations manage and monitor all their sensitive communications taking place in the cloud. Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *