lolloj - Fotolia
The increasing number of high-profile data breaches is leading to fears that businesses don’t have the ability to detect cyber crime quickly enough, a survey has found.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
According to the survey by endpoint protection specialist Bit9 + Carbon Black, consumers in Britain are increasingly concerned there are many data breaches companies have yet to discover.
The researchers, who surveyed more than 2,000 UK adults, found that high-profile security breaches – such as the leaking of the personal details of around 32 million members of cheating site Ashley Madison – have led to increased fear of data breaches among the public, with 81% of people worrying that cyber criminals might already have stolen their personal data without anyone noticing.
The public’s fears are not unfounded. Another survey, by security firm ThreatMetrix, found that the UK is the top target for cyber criminals, with UK businesses targeted more frequently than US counterparts.
David Flower, Bit9 + Carbon Black’s managing director for Europe, the Middle East and Africa (Emea), said data breaches have become “such a regular occurrence that the public has lost patience”.
“Consumers feel that it’s taking organisations far too long to detect a breach – if they can detect it at all – which is putting them at unnecessary risk. The demands for tougher penalties are an eye-opening indication of the way things could be headed if businesses don’t sit up and take note of these concerns,” he said.
The survey found that 93% of people support mandatory and immediate disclosure of any breaches to both the public and authorities. This should be enforced by the EU Data Protection Regulation, which will replace the 1995 directive and aims to apply a single set of data protection rules across the EU to protect user data.
Read more about cyber security
However, 94% of people surveyed also believed it should be mandatory for businesses to put in place processes to detect immediately if data has been stolen. The large majority said firms should be able to detect breaches within 24 hours, with 47% wanting breaches detected within minutes. They claimed businesses should not being able to use ignorance as an excuse.
Bit9 + Carbon Black’s study also found that nearly two-thirds (63%) of the public want sensitive information to be kept under 24-hour surveillance.
“It isn’t enough to just put in a firewall and install antivirus software; cyber criminals have long since found their way past those defences,” said Flower.
“Businesses need to maintain always-on, continuous monitoring so they’re able to notify customers immediately if their data is stolen. This will enable the victim to take measures such as cancelling cards or notifying credit reference firms early enough to prevent the cyber criminals from doing any serious damage.”