View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
November 16, 2009

UK firms careless about security

Reports of data loss incidents have doubled

By Vinod

Companies are failing to take simple security measures to stem data losses, despite high-profile cases spotlighting the brand damage such a cavalier attitude can cause.

The number of data losses reported to the UK Information Commissioner’s Office (ICO) for the year ending October 2009 has almost doubled to 415 incidents, compared to 277 reported for the year before, according to security firm Overtis.

Incidents have risen partly because more firms are reporting them. But the true picture is even worse. “Things have always been bad and many people are starting to behave more opening and reporting issues to the ICO, but two-thirds of the iceberg is still below the waterline,” said Richard Walters, CTO at Overtis.

Chief causes of data loss included stolen data/hardware (225), data disclosed in error (160), and lost data/hardware (166). Typically, information was lost because people failed to encrypt data onto USB sticks, for example, or through simple errors, such as pressing the ‘reply to all’ button and inadvertently sending out sensitive data to the wrong people. Security of mobile devices was also an area of concern.

Key to plugging the data hemorrhages is communication, according to Walters. “It all comes back to education and awareness. When we go out and speak to people, it’s just simple stuff they got wrong, and so much comes back to the importance of ongoing education.”

Tick-in-the-box attitudes to security, which meet auditory requirements, but fail to translate to the shop floor, were also a problem. “A lot of companies have security policies for a number of years which they are continually improving, but at the end of the day they are just words on paper, if they are not enforced,” added Walters.

High-profile cases in 2009 include the loss of 43,000 child records by Wigan Council and 20,000 patient records by the Royal Free Hampstead NHS Trust.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.