A new survey conducted by Ponemon Institute and sponsored by database security software maker Application Security finds that while businesses are devoting more time and money to protecting their information stores, much work remains to be done in the area. A new survey conducted by Ponemon Institute and sponsored by database security software maker Application Security finds that while businesses are devoting more time and money to protecting their information stores, much work remains to be done in the area.According to the study — which involved a survey of 649 IT workers in the United States, Europe, the Middle East, and Asia — security professionals understand the growing impetus behind protecting databases from both internal and external misuse, however, many companies lack the strategy, technology and funding necessary to lock down even their most important assets.The report specifically contends that companies remain largely unprotected from many forms of insider attacks, often cited by security researchers as the leading source of data leakage from organizations, large and small. Some 57 percent of those surveyed said they do not believe that their organizations have taken adequate measures to protect against insider threats, with 55 percent of respondents indicating that their organizations are not doing enough to stop data loss in general.The study also found that companies are doing a far more rigorous job today of protecting their customer data than they are working to protect employee information. Roughly 40 percent of those surveyed said their organizations do not have necessary tools in place to guard their databases, or were unaware of whether their companies’ databases are monitored for suspicious activity at all. More than 95 percent of those interviewed said that they would value technologies that helped them to understand and prioritize database security needs within their organization more effectively.“This shortfall can be attributed to the massive scale of corporate data stores and the lack of IT resources,” Ponemon said.Some 88 percent of those surveyed for the study reported that they manage greater than 100 databases and a majority of respondents said that they oversee in excess of 500 databases. Meanwhile, 54 percent of the IT workers surveyed said their companies planned zero, or only slight staff increases during 2007.Surprisingly, despite the growing mountain of data protection and compliance regulations affecting businesses, some 40 percent of respondents admitted that adjusting their operations to meet changes in such guidelines is not on their agenda this year, with another 15 percent ranking such efforts a “low priority.”The Ponemon study also found that smaller organizations with an annual IT budget below $30 million spend a smaller percentage of their overall allowance on security, including database protections. Security