Our good friends at the Ponemon Institute have issued some important and sobering findings, indicating that 70 percent of UK organizations have experienced at least one data breach in the past year. Equally alarming is the fact that less than half of these breaches were made public, as there was no legal or regulatory requirement for disclosure.
The report finds a direct correlation between an organization’s likelihood to experience data loss and its lack of a consistent, organizational-wide strategy and enforcement of data protection and encryption policies.
Many of the organizations surveyed indicated that data protection was among its top priorities, but what caused many to fall victim to data loss was the lack of a unified, consistent approach to protect data that would apply across every access point and device in an organization. This approach will quickly fade over the coming months. Legislation, increasing awareness, and the requirements of standards like PCI-DSS will cause companies that have not undertaken a unified approach to consider it – strongly.
If outside pressures are not enough, then financial ones will be. Recent research by Ponemon found that the average UK data breach costs a total of 1.7 million pounds Sterling; the equivalent of 60 pounds Sterling for every record compromised.
These numbers are too costly for us all. Personally, I don’t care about the cost – I simply want my data held safely!