Executive Summary – 2022 Sensitive Content Communications Privacy and Compliance Report

www.kiteworks.com

Executive Summary

Kiteworks’ 2022 Sensitive Content Communications Privacy and Compliance Report is based on findings from a

detailed survey of IT, security, privacy, and compliance leaders representing 15 different countries.

1

The objective

of the survey was to identify key challenges and trends when it comes to how organizations govern and secure

sensitive content communications.

The report comes at a time when the average cost of a data breach now exceeds $4 million, according to IBM

what devices it was shared, and where it is stored.

One of the foremost takeaways from the report is that a majority of organizations are inadequately protected against

third-party security and compliance risks related to sensitive content communications. There are numerous reasons

behind this issue.

Complexity, Silos, and Inefficiencies

Most organizations share sensitive content with a long list of third-party entities. Two-thirds of organizations do so

with more than 1,000 third parties, while one-third have over 2,500. The complexity of governing and securing these

sensitive content communications is heightened due to all organizations in the survey admitting to using numerous

communication channels, including email, file sharing, web forms, file transfer and automation protocols, and

application programming interfaces (APIs). Email and file sharing are most used, though other communication

Security Gaps

Secure content communications requires numerous governance and security protocols. Encryption of private data in

transit and at rest should be a requisite. But a majority of organizations admit that they do not encrypt all their sensitive

content communications. Insider threats remain a key concern—and rightfully so (more respondents ranked it their

Risk Management

Both security and compliance risks can be a serious challenge for organizations. Disaggregated and siloed content

communications protocols and technologies and the lack of metadata that provides a centralized pane of glass

and management platform create substantial risk. This is the likely reason over half of the respondents said their

delivers content governance, compliance, and protection. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory

compliance on all sensitive content communications.

www.kiteworks.com

Compliance

All organizations must comply with varying regulations and standards. These compliance requirements are

related to risk management and the aim of maintaining an acceptable level of risk based on cyber insurance and

other factors. The majority of respondents must compile compliance reports for more than seven regulations

or standards annually. These typically take a significant amount of time and resources to compile. Yet, 89% of

respondents reveal that their compliance reporting is not fully accurate.

can result in a significant impact—both on individuals and organizations. Beyond the financial impact of losing

confidential IP and data exposing mission-critical corporate strategies and secrets, the latter can suffer severe

brand reputation damage that has long-lasting implications. Noncompliance penalties and fines with regulatory

standards also incur a significant cost—not to mention the brand degradation that often comes with them as well.

The 2022 Sensitive Content Communications Privacy and Compliance Report confirms that sensitive content

communication security and compliance risks are a real challenge for many organizations. Disparate toolsets and

the lack of governance tracking and controls—including centralized metadata—make it difficult for organizations to

manage these security and compliance risks. For more insights, download the full report today.

References