One in five UK businesses would keep a data breach secret
Almost a fifth (19 percent) of companies in the UK wouldn’t notify their customers in case of a data breach, a new report highlights.
As the EU GDPR draws closer, Trend Micro investigated if companies have formal processes in place to notify data protection authorities (within 72 hours), and the public, in case of a data breach, as will be enforced by the Regulation.
More than half, 57 percent, said they did have them, and that they always do notify properly.
But, just under a fifth (19 percent) said they do have processes in place, but deliberately avoid telling their customers. This percentage grows in industries such as financial services (22 percent), large businesses (33 percent), and construction and engineering companies (50 percent). Another 19 percent said they had no formal processes in place.
That’s why it’s even more interesting to see that the confidence in the industry’s capability to guard customer data is growing. Almost three quarters (74 percent) of UK businesses feel they could protect themselves against data breaches, jumping from 69 percent back in 2014.
Almost all companies (83 percent) were forced by high-profile breaches (Mossack Fonseca, Sony Pictures Entertainment, etc.) to rethink their data protection strategy, and almost half of those (43 percent) now have new processes.
"Already almost half of consumers (49 percent) are unaware that their data can be shared with third parties and in many instances they need to opt-out to prevent it from being passed on. Having little visibility into where their data goes and how secure that data is spells real trouble", says Rik Ferguson, global VP of Security Research at Trend Micro.
"Unfortunately, for many organizations the decision on whether to notify customers or keep a breach under wraps still comes down to a simple risk management calculation. Many still fail to deliver on their duty of care in hope of avoiding sanctions, brand damage and any potential customer payouts".
Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.
Photo credit: Vladimir Gjorgiev / Shutterstock