Public, industry disagree on data breach disclosure
By ,
Two conflicting studies have today revealed a gaping difference of opinion over the need for security data breach notification laws between people and the organisations which hold their data.
The general public shouldn't be informed if a data breach occurs, according to an overwhelming majority (87 per cent) of UK IT managers polled in a global survey released today by content security vendor, Clearswift. Over half (61 per cent) didn't even think the police should be informed, despite growing industry debate over whether the European Union should implement breach notification laws.
Surprisingly, 60 per cent of the 398 IT decision-makers polled in the UK were unaware of the possible introduction of such legislation. But when informed, half (51 per cent) were in favour of such legislation being implemented.
Of those UK organisations polled, 15 per cent had suffered a data loss in the last 12-18 months and, of those, over half (58 per cent) had experienced more than one. And email was the most popular method of data transfer, despite almost a quarter (23 per cent) of organisations losing data in this way.
By contrast Symantec, commissioned Ipsos MORI to ask consumers if they would want to be notified if a public or private sector organisation lost their personal details. The overwhelming majority of respondents (96 per cent) said they would.
Bank account details (85 per cent) were priority for notification if lost, followed by their passport number (52 per cent). The security vendor also cited its earlier research that found the value of information lost in the UK due to data breaches was £47 per record compromised.
But when asked about the possible impact of data breach notification legislation, almost half (49 per cent) of UK IT manager respondents to the Clearswift survey envisaged their total annual IT spend increasing by at least five per cent. Some 26 per cent of IT managers expect that increase to be at least ten per cent.
In comparison, one in five (20 per cent) of the US respondents who have to adhere to data breach notification legislation, said they had seen no change in their IT spend since its introduction.
Stephen Millard, Clearswift vice president of strategy, warned UK IT organisations to get their houses in order regardless of any possible legislative threat. "This Clearswift research shows that when faced with the prospect of having to air some dirty laundry in public, companies are not confident they will emerge in a positive light," he said.
"This demonstrates the necessity of having appropriate measures in place to protect and secure sensitive information and for the IT community to accept responsibility for the information they manage."
Related Tags
advertisement
Latest Industry & Public Sector Features
Lessons to learn from a year of data breaches
In the year since the HMRC data breach, many more have been made public – here’s a roundup of 11 lessons (we should have) learned.
- IT proves its point as killer brought to justice
- Big IT for CERN's particle smashing experiment
- IT around the world: Russia
- SOS Bletchley Park
- NHS IT - something to celebrate?
- Becta, open source and education: Too little, too late?
- Europe's not finished with Microsoft
- Demand for tougher data breach legislation
Latest Industry & Public Sector Reviews
Cisco Systems WAAS Mobile 3.4
Rating: 
advertisement
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?