A third of UK businesses have no data breach response plan.
According to research by Experian of 400 senior business executives, only a third have specific budgets set aside to deal with data breaches, despite 81 per cent saying that they are concerned about the financial impact of recovering from a breach.
Amir Goshtai, managing director of affinity at Experian Consumer Services, said “The prevalence and severity of data breach incidents will continue to accelerate, as will the volume of reported cases. When coupled with the potential for greater regulation, increased consumer awareness and widespread media coverage, it has never been more important for organisations to be well prepared.”
Mike Spykerman, vice president of product management at OPSWAT, told IT Security Guru that as long as there is a market for stolen data, data breaches will continue to increase.
“Unfortunately data breaches continue to rise as they are lucrative, relatively low risk, and can be engineered using readily available malware on the black market and publicly available information on the internet,” he said.
“It is concerning that 39 per cent of surveyed companies had no reporting procedures in place for lost data or devices, since these could be the entry point for data breaches. Companies should prepare their defences against a data breach by deploying several cyber security layers including device monitoring and management, scanning with multiple anti-malware engines, and advanced threat protection.”
The survey further found that 39 per cent of respondents have no reporting procedures in place for lost data or devices, and less than half have data breach or cyber insurance policies in place.
Goshtai said: “Consider that 52 per cent of all detected fraud in the last year is now as a result of identity theft together with the fact that already on a single day in February 2015, there was more personally identifiable information illegally traded on the dark web than in a three-month period during 2014. Businesses in the UK are facing an uphill battle to protect themselves and their customers.”
Dietrich Benjes, VP EMEA of Varonis, said that he expects 2015 to be worse for companies as well as consumers, and this will prompt the most well-managed organisations to abandon the traditional view that productivity and security represent a trade-off, and realise the opportunity of technology that improves security and makes you more productive.
“The good news is that there’s a connection between how well we can control our data and how effectively we can make use of it, and smart organisations (and consumers) are starting to figure this out,” he said.
“In 2015, more companies and Governments and other institutions will pro-actively implement the kind of automated preventive and detective controls around their data that not only reduce risk, but actually help organisations get more out of their data, and help employees be more efficient and productive at the same time.
“Organisations need to cope with data stores that are expanding rapidly while satisfying employees that demand quick access to information from more devices. To balance productivity and security, IT needs to offer a collaboration experience while keeping the organisation’s data where it can be controlled, managed, and protected.”