If you could hide a data breach within your company and get away with it, would you do it? According to a new report by nCipher Security, 61 per cent of IT leaders in the UK would gladly cover up a data breach if they could escape fines.
The C-level is even more inclined towards such actions (71 per cent).
The General Data Protection Regulation, a piece of legislation with which all businesses that handle EU citizens’ data need to comply, demands quite the opposite. Businesses are obliged to disclose a data breach 72 hours after it happens, and to communicate with both the public and law enforcement agencies on a regular basis.
Peter Galvin, chief strategy and marketing officer at nCipher Security, says businesses should implement the right security measures up front to avoid finding themselves in such a situation:
“Organisations are under a greater obligation than ever to disclose data breaches, particularly when personal information is at risk, but evidently many IT leaders – particularly at C-Level – still feel they can avoid being subject to fines and other punitive measures from regulatory bodies.
“By implementing the right security measures to protect their business critical information and applications up front by using tools such as encryption, investing in training and talent as well as understanding the regulatory landscape, businesses can take steps to avoid a damaging breach in the first place.”
Investment in technology is considered the biggest driver of security spending for the next 12 months, followed by training and employee education. This is easier said than done, given that many lack the skilled in-house resources for training. It was also said that employees are not that open-minded about changing their processes and behaviours.