UK businesses are lagging behind many of their overseas trading
partners in protecting data, according to
PricewaterhouseCoopers.
Nearly half (49%) of UK executives do not know how many security
incidents their organisations have experienced in the past year,
the report said.
That is compared with just 7% in China, 18% in India and 41% in
the US, according to the 2009 Global State of Information Security
Survey by
PricewaterhouseCoopers.
Only 37% of UK respondents said their organisation had an
accurate inventory of where sensitive data was stored, compared
with 50% in China and 48% in the US.
Almost two-thirds (63%) of UK respondents admitted they do not
have a chief information security officer. This puts the UK 5%
behind the US 18% behind China.
More than half (53%) of UK companies said they do not have a
disaster recovery plan, compared with 35% in the US.
Global investments in information security are led by the use of
biometrics, especially in China, where 69% of respondents said they
were used, compared with just 22% in the UK.
Jon Hayton, a director in PwC's forensic investigations team,
said good security practice needs to be embedded into the DNA of a
business, not bolted on as an afterthought.
"Unfortunately, there are many organisations where this is still
the case. This makes their security performance very fragile," he
said.