Over half of organizations admit their security and compliance controls for managing sensitive content communications—both internally and externally—are inadequate.
Palo Alto, Calif., April 19, 2022 – Kiteworks, the leading platform for ensuring regulatory compliance and effectively managing risk with every send, share, receive, and save of sensitive content, found in its “2022 Sensitive Content Communications Privacy and Compliance Report” that more than half of organizations believe they are inadequately protected against third-party security and compliance risks. The report attributes various reasons for this lack of preparedness, including 53% failing to encrypt all sensitive content communications with third parties, 58% lacking content governance controls to measure third-party risk, and nearly 8 out of 10 believing their compliance reports are not completely accurate.
Findings in the Sensitive Content Communications Privacy and Compliance Report are based on a survey of 400 IT, security, privacy, and compliance professionals from numerous industries and 15 different countries around the world. In addition to struggling to manage security and compliance risks efficiently and effectively, respondents indicated they spend significant time on manual tasks related to key management and encryption/decryption, governance controls, and compliance reporting.
“Nation-states and cybercriminals know that confidential, private data holds great value, and studies show that it is increasingly the target of cyberattacks,” said Tim Freestone, Chief Strategy Officer at Kiteworks. “At the same time, regulatory bodies see these trends and have instituted, and continue to do so, standards that help protect sensitive content. This report reveals that many organizations are ill-equipped to deal with the sophistication and volume of today’s cyberattacks as well as the breadth of compliance standards when it comes to sharing and storing sensitive content. This lack of maturity creates significant security and compliance risk exposures.”
In addition to the above findings, notable admissions in the report include:
- Nearly two-thirds of organizations share and transfer confidential data with more than 1,000 third-party entities, including one-third that do so with over 2,500 third parties.
- 41% of organizations want to see significant improvement or even a whole new approach to managing sensitive content communications.
- 59% of organizations cited distributed denial of service (DDoS), malware, and ransomware in their top two concerns for external threats.
- Only 21% of organizations believe their compliance reports are fully accurate.
- Almost 8 in 10 organizations spend 20-plus hours compiling audit trails and generating reports.
- Only 14% of organizations manage and monitor all their sensitive communications taking place in the cloud.
“The Kiteworks platform provides our customers with a Private Content Network that delivers a comprehensive security and compliance approach for sharing and storing sensitive content communications,” said Frank Balonis, CISO and SVP of Operations at Kiteworks. “Granular audit controls and reporting to the level of user, folder, and file, and capabilities such as geofencing and encryption for data at rest and in motion enable our customers to protect all of their sensitive content communications while remaining compliant with a long list of regulatory standards.”
To read the 2022 Sensitive Content Communications Privacy and Compliance Report, download your copy here. You can also watch our webinar featuring a panel of privacy and compliance experts who discuss key report findings and pinpoint actionable recommendations
Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. The Kiteworks platform provides customers with a Private Content Network that delivers content governance, compliance, and protection. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.
The Accellion enterprise content firewall prevents data breaches and compliance violations from sensitive third party communications. With Accellion, CIOs and CISOs gain complete visibility, compliance and control over IP, PII, PHI, and other sensitive content across all third-party communication channels, providing secure email, secure file sharing, secure mobile file sharing, enterprise app and Microsoft Office plugins, secure web forms, secure file transfer like SFTP, and enterprise workflow automation. Accellion has protected more than 25 million end users at more than 3,000 global corporations and government agencies, including NYC Health + Hospitals; KPMG; Kaiser Permanente; National Park Service; Tyler Technologies; and the National Institute for Standards and Technology (NIST). For more information please visit www.accellion.com or call (650) 485-4300. Follow Accellion on: LinkedIn, Twitter, and Accellion’s Blog.