Dark data, or legacy information that a company has compiled but no longer needs, represents the biggest potential cybersecurity vulnerability for U.S. and U.K. business, according to a new “DealMaker Meter” report by risk and compliance specialist Donnelley Financial Solutions.
Legacy Data Is Cyberattack Target
Holding onto dark data, which ranges from outdated customer information to old employee records, is driven by a company’s interest in accumulating a wide variety of data sets, or big data, to improve marketing, product development and customer service, among other promotional needs, the Chicago, Illinois-based Donnelley said.
However, legacy information often goes unprotected, creating potentially rich targets for cyber criminals. It can be unstructured, sensitive, personal or otherwise high risk that an organization has collected over a lengthy period of time but isn’t that useful anymore.
What Donnelly Learned
In its newly released report, Donnelley gleaned information and insights from a blue-ribbon panel of finance, legal, HR and IT professionals at large public and private companies in the U.S. and U.K., including the following:
- Nearly seven of 10 enterprise leaders surveyed said data storage presents more risk than value. While 33% of senior leaders and IT personnel are aware of the risks of dark data, 18% of others within organizations are less knowledgeable.
- 96% of executives are concerned about data fraud and 95% are worried data breach incidents will increase over the next two years.
- Company leaders are focused on improving how their companies protect sensitive data, with 77 % enacting new policies and processes, 72% increasing reporting measures and 75% investing in partners and software and solutions.
- To enhance protection, more than 83% indicated they would choose new technology tools over adding more team members, the choice of just 17%.
Dannie Combs, chief information security officer at Donnelley, offered perspective to the report:
"This report shows that the appetite for big data within corporations has a cost. Our clients are increasingly turning to us to help mitigate the risks associated with dark data. We are seeing an influx of requests from companies to leverage virtual data rooms as corporate repositories to store, secure and manage data across departments including finance, legal, HR and R&D.”
