A fifth of companies don't tell us about data breaches
However, 74 per cent of companies think they're well protected against data breaches
A report by Trend Micro has revealed that almost a fifth of companies aren't telling their customers when their data has been breached, nor do they have a formal policy to tell the data protection authority within 72 hours of discovering a breach.
"Already almost half of consumers (49 per cent) are unaware that their data can be shared with third parties and in many instances they need to opt-out to prevent it from being passed on," Rik Ferguson, Global VP of Security Research at Trend Micro said. "Having little visibility into where their data goes, and how secure that data is, spells real trouble."
The company questioned 100 senior decision makers in the UK about how they handle data leaks and it surfaced that although 74 per cent of those questioned think they are sufficiently protecting their customers, 83 per cent of companies have had to rethink their strategy following a breach.
Trend Micro's report also revealed that construction and engineering companies are least likely to tell their customers their data has been stolen, while 22 per cent of financial services companies are hesitant about telling their clients about a breach.
"Unfortunately, for many organisations the decision on whether to notify customers or keep a breach under wraps still comes down to a simple risk management calculation. Many still fail to deliver on their duty of care in hope of avoiding sanctions, brand damage and any potential customer payouts."
To help protect their customers against data breaches, organisations are not only introducing new tools, such as data protection policies, encryption technologies and remote wiping tools for lost devices, but they are also educating staff about how to protect themselves from hackers.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now