Most businesses do not understand data breach risks

Research by HP has uncovered a lack of understanding among businesses of the risks associated with data breaches. More than 70% of US and UK executives surveyed by the Ponemon Institute said that their organisation does not understand fully the dangers of breaches, while less than half of top executives and board members are kept informed about the response process.

The 2014 Executive Breach Preparedness Research Report was designed to highlight the importance of senior executive involvement in the response to data breaches.  While 79% of the nearly 500 senior executives polled agreed that executive-level involvement in the response process was necessary to a successful resolution, only 45% said that they were accountable for the process. The research also found that most executives are more concerned about threats from within their business than external attacks.

As we discussed last week, the financial cost of data breaches can be huge, not to mention the missed revenues due to reputational damage. This is why direction and leadership is needed from those at the top. Executives need to be aware of and actively involved in the data breach response process, and there needs to be a clear plan in place to prevent security incidents from escalating to a complete disaster for the company.

The Ponemon Institute noted that senior executives and board members may have been complacent about the effects of cyber-attacks and data breaches in the past, but are now gradually realising the damaging costs of such incidents. This is welcome news and we hope that senior executives will continue to take a more active role in their response to data breaches, educating themselves and their staff about the risks and start investing in the best security technology available.