Most companies try to keep data breaches from their clients and half fail to report problems to the police or authorities.
Only 40% of the 300 public and private firms surveyed by services organisation Logica said they had told clients of data breaches. What was particularly worrying – and baffling given the high-profile data losses reported over the last year – was that 57% had “no idea” or understanding about the impact of such a breach on their company. Half the respondents wanted to pass the buck to the IT department, blaming it for any data security problems.
“This complacent attitude not only increases the likelihood of financial and reputational consequences, but also highlights the inadequate security policies and protocols that UK organisations have in place,” said Tim Best, director of enterprise security solutions at Logica.
This complacency was further demonstrated both by respondents’ attitude to training staff – only 30% educated workers about IT security and information handling regularly – and to data compliance, as only a quarter said they complied with ISO standards for storing personal data.