Breaches of sensitive data are extremely costly for organizations when you tally data loss, stock price impact, and mandated fines from violations of General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), or other regulations. They also can diminish the trust of those who become the victims of identity theft, credit card fraud, or other malicious activities as a result of those breaches. In 2021, the number of data breaches climbed 68 percent to 1,862 (the highest in 17 years) with an average cost of USD4.24 million each.1About 45 million people were impacted by healthcare data breaches alone—triple the number impacted just three years earlier.2
Sensitive data is confidential information collected by organizations from customers, prospects, partners, and employees. Common types of sensitive data include credit card numbers, personally identifiable information (PII) like a home address and date of birth, Social Security Numbers (SSNs), corporate intellectual property (IP) like product schematics, protected health information (PHI), and medical record information that could be used to identify an individual.
Every level of an organization—from IT operations and red and blue teams to the board of directors—could be affected by a data breach. How do organizations identify sensitive data at scale and prevent accidental exposure of that data? Let’s look at four of the biggest challenges of sensitive data andstrategies for protecting it.