The weak state of many enterprises’ database infrastructures has been the glass jaw to suffer the bulk of the knockout breaches of 2012. While 10 percent of total security spending goes into database protections, 92 percent of stolen data comes out of databases. The most important first step is to gain visibility into where sensitive databases exist and who is accessing them. Many organizations have already been forced by regulatory checkboxes to implement database activity monitoring, but haven’t fully leveraged its capabilities, one expert says.”]
Source: https://www.darkreading.com/database-security/making-database-security-your-no-1-2013-resolution