Nearly two-thirds of security executives believe they have no way to prevent a data breach, according to the latest industry research by privacy and information management research firm the Ponemon Institute. What's more, most respondents believe their organizations lack the accountability and resources necessary to enforce data security policy compliance.

These results were derived from a national survey on information security professionals' experiences in detecting and preventing the leakage of sensitive or confidential information to unauthorized parties, both outside and inside an organization. Announced by the Ponemon Institute and PortAuthority Technologies Inc., the leader in Information Leak Prevention (ILP), the National Survey on the Detection and Prevention of Data Breaches examines the responses of 853 randomly selected, U.S.-based information security professionals to questions related to data protection and prevention within their organizations.

An analysis of the study suggests that, in spite of increased attention and intense media and public scrutiny, the state of data security within U.S. corporations remains a serious challenge. Key findings of the study include:

59 percent of companies surveyed believe they can effectively detect a data breach, but a staggering 63 percent believe they cannot prevent a data breach. High false positive rates of up to 35 percent affect an organization's ability to detect a breach.

41 percent of companies surveyed do not believe they are effective at enforcing data security policy. The top reason given for failed enforcement is lack of resources.

Companies report a 68 percent probability of detecting a large data breach (more than 10,000 data files), while small data breaches (fewer than 100 files) are likely to be detected only 51 percent of the time.

16 percent of companies surveyed believe they are invulnerable to a data breach.

Excessive cost was cited as the primary reason organizations do not use leak prevention technologies, with 35 percent stating that leak prevention technologies are too expensive.

"Our data show that, in spite of the increased attention being paid to the issue of data security, enormous gaps remain in corporate America's ability to effectively protect sensitive data, and that a lack of accountability as well as a dearth of resources dedicated to the problem are at the root of the problem," Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said.

"As we have shown in the past, the costs associated with a data breach can be steep, yet many companies have been slow to address this issue in a meaningful way. Based on our findings, we believe that establishing clear accountability, as well as investing in training and technology can help organizations best leverage their existing resources, close these gaps, and better protect information assets, including customer data and intellectual property."

The "National Survey on the Detection and Prevention of Data Breaches" also provides insight related to data breach response; technologies, practices and procedures used to detect and prevent data breaches; primary issues, challenges and possible impediments to effectively detecting and preventing data breaches; and enforcement of data protection policy.

"While data leaks continue to make headlines today, PortAuthority Technologies is interested in learning and addressing the root causes of these issues," said Raj Dhingra, PortAuthority Technologies vice president of marketing. "We think this study helps bring greater understanding of these issues, while validating that the industry requires much more than just monitoring of information leaks, but automated enforcement to best prevent information leaks. Enforcing policies has been our mission since we pioneered this technology in 2002."

Copies of the "National Survey on the Detection and Prevention of Data Breaches" are available upon request through the Ponemon Institute at www.ponemon.org/, and from PortAuthority Technologies at www.portauthoritytech.com/ breachsurvey.