Huffpost UK uk

European Fines Aren't Enough To Scare UK Businesses Into Protecting Your Data Better

Posted: Updated:
DATA PROTECTION UK BUSINESS
Companies are not doing enough to protect consumers' data, research finds | Alamy

More than half of UK businesses expect to lose data, but won't beef up their security systems despite the threat of fines of up to hundreds of thousands of pounds.

Data management company Iron Mountain found that two-thirds (66.7%) of UK businesses said the threat of fines was having little impact on their company's data protection policies to protect sensitive information.

However, it seems that businesses are more concerned about clawing any losses back than preventing the data breach - 84% of businesses have either insured or are looking at insuring their business against the financial impact of a data breach.

Commenting on the survey findings, Christian Toon, head of information risk at Iron Mountain Europe, said in a statement: "The fact that more than half of European organisations see data loss as an inevitability is worrying. It illustrates that businesses of all sizes are failing to take appropriate steps to protect information. It seems many would rather insure against the cost of a breach than take steps to prevent it.

"By thoroughly understanding the risks to both paper documents and digital data, and by developing a culture of information responsibility, or what people are calling Corporate Information Responsibility, firms can protect against data loss and restrict the impact of any breach to a minimum."

The survey results come hot on the heels of electrical giant Sony facing a £250,000 fine for not protecting the data of its gamers well enough - The PSN service was attacked in April 2011 and taken offline for about a month by the US-based hacker George Hotz.

The hackers were able to access customer details including addresses, birthdays, credit card numbers, phone numbers and other information.

Sony had already apologised for the hack and offered gamers free games in compensation, but the Information Commissioner's Office said that wasn't enough.

It criticised the gaming giant for lacking adequate security software, and said it was guilty of a "serious breach" of the Data Protection Act. The breach was "one of the most serious ever reported" it said.

Sony has said it "strongly disagrees with the ICO's ruling and is planning an appeal".

"Criminal attacks on electronic networks are a real and growing aspect of 21st century life and Sony continually works to strengthen our systems, building in multiple layers of defence and working to make our networks safe, secure and resilient.

"The reliability of our network services and the security of our consumers' information are of the utmost importance to us, and we are appreciative that our network services are used by even more people around the world today than at the time of the criminal attack."

Around the Web

Data Protection Advice and Guidance for Businesses - ICO

Principle 1 of the Data Protection Act - Guide to Data Protection

UK business fears impact of new EU data protection framework

How the EU Data Protection Regulation could affect you and your ...

DMA: senior execs are 'unaware' of data protection reforms' business threats

Sony Fined Nearly $400000 By U.K. Data Protection Watchdog For 2011 ...

MEP's strict amendments to EU data protection worry tech industry

Sony Slapped With $390000 U.K. Data Breach Fine

 
Presented By Chivas Regal Scotch Whisky