Continuous monitoring of database networks is the best approach to avoid breaches such as the high-profile attacks against major U.S. retailers, according to a Ponemon Institute and DB Networks study.

More than half (57 percent) of respondents believed that SQL injection was one of the components of the attacks against the U.S. retailers.

The research was conducted to gain deeper insight into the recent U.S. retailer breaches: why these retailers were so vulnerable, what security countermeasures could have been employed, and who was likely responsible for the attacks.

The study analyzed responses from 595 IT security experts in the United States working across a broad spectrum of industries and the public sector. Study respondents are very familiar with the security compliance requirements for retailers who accept payment cards, and 69 percent of the respondents indicated their organization must comply with PCI DSS.

“While details of the recent retailers breach haven’t yet been fully disclosed by the retailers who were breached or the U.S. Secret Service in charge of breach investigations, this study offers some interesting industry insight into these events from IT security professionals and experts familiar with PCI DSS,” said Dr. Larry Ponemon, founder and chairman of the Ponemon Institute.

Additional key findings of the study include: