UK security professionals are worryingly ignorant on the topic.
A third of British security professionals are unaware of the maximum penalty the Information Commissioner's Office (ICO) can impose for inadequate data protection.
Only around 60% of professionals knew that those found negligent in meeting data protection standards can be fined up to £500,000, depending on the sensitivity of the data and the scale of the loss.
John Michael, chief executive of iStorage, said: "It is important that everybody dealing with sensitive data in the workplace understands the potential financial and reputational repercussions if it can be proved that the data they are handling is not protected properly.
"However, these survey results show that this simply is not the case."
Over the last two years, 36 fines averaging £120,000 have been issued. The largest, £440,000, was imposed on the joint owners of Tetrus Telecoms for sending unsolicited text messages, a decision subsequently overturned.
Most recently, the ICO said it was considering an investigation into travel site Hotel Hippo over an alleged breach in which a URL could be altered to reveal customer details, shortly before the service was shut down.
Source: Company Press Release