News

UK public losing patience with organisations over personal data security

Warwick Ashford

Warwick Ashford Warwick Ashford

Warwick Ashford is chief reporter at Computer Weekly. He joined the CW team in June 2007 and is focused on IT security, business continuity, IT law and issues relating to regulation, compliance and governance. Before joining CW, he spent four years working in various roles including technology editor for ITWeb, an IT news publisher based in Johannesburg, South Africa. In addition to news and feature writing for ITWeb’s print publications, he was involved in liaising with sponsors of specialist news areas on the ITWeb site and developing new sponsorship opportunities. He came to IT journalism after three years as a course developer and technical writer for an IT training organisation and eight years working in radio news as a writer and presenter at the South African Broadcasting Corporation (SABC).

View all articles by Warwick Ashford >>

warwick.ashford@rbi.co.uk 020 8652 8505 Active Warwick Ashford False True

UK consumers are increasingly concerned about the security of their personal dataafter a string of high-profile data breaches in the past year, a survey shows.

In a poll of 2,000 consumers commissioned by log management firm LogRhythm, 80% of respondents said they had reservations over trusting organisations to keep their data safe from hackers.

This figure is up 17% from a similar survey by LogRhythm conducted as recently as November 2010.

The UK public is now more prepared to act against organisations that lose data than in 2010.

Last year 17% of respondents said they would never have anything to do with organisations that lost data as a result of cyber crime. In 2011 this figure rose to 26%.

A further 61% said they would try to avoid interacting with organisations if possible. Just 13% said their attitude to a brand would be unaffected by a data-loss incident.

"In a year that has seen an unprecedented number of high profile data breaches, it is hardly surprising to see public opinion shift in this way," said Ross Brewer, managing director and vice-president of international markets at LogRhythm.

"Organisations need to look at these findings and realise that, unless data security is improved, they will lose customers and the bottom line will be affected," he said.

The European Commission is due to publish the new version of its Data Protection Directive in November following a public consultation that ended in September.

The EC Data Protection Directive is expected to include recommendations regarding mandatory data breach disclosure law covering public and private sector organisations.

"Once in effect, data breach notification laws will make it easier for the public to identify, and boycott, those organisations that are being irresponsible when it comes to data protection," said Brewer.

The survey showed 72% of respondents thought all breaches should be publicised while 11% felt only breaches of a pre-determined size should be made public.

When asked about the process involved, 69% wanted to be notified immediately; 19% were happy for an investigation to take place before affected customers were notified; while 10% thought notification should depend on whether the information was of a sensitive nature.

"The high proportion of respondents in favour of universal and instant notification tells us a lot about the lack of trust that exists when it comes to organisation's ability to defend against cyber attacks," said Brewer.

When asked if organisations are doing enough to secure customer data, 81% did not believe this was the case and more needed to be done.

The survey revealed the UK public is largely unaware of the work of the Information Commissioner's Office (ICO) with 64% of respondents saying they had not heard of the ICO. Of those that were familiar with the ICO, only 33% thought it was doing a good job.

MetaKeywords MetaDescription Sensitive Landingpage False


 

COMMENTS powered by Disqus  //  Commenting policy