The public believes organisations that suffer data breaches need to be penalised more than they are at the moment.
That is the conclusion of a survey from security intelligence firm LogRythm. Nearly 60% of the 1,000 respondents felt that organisations should face harsher punishments for losing data and 25% said that current punishments are unequal.
Despite being quite vocal on the severity of punishment, there seemed to be an on-going lack of awareness surrounding security threats. Six out of ten could not name an organisation that had fallen victim to a data breach and a third had never heard of current vulnerabilities such as Heartbleed and Shellshock. The findings suggest that even if such vulnerabilities are given intense media coverage, they tend to leave the public consciousness relatively quickly.
“We’ve seen a number of high-profile organisations suffer security breaches this year, but it’s still surprising that so few people are able to recall them, even after the media storms surrounding breached organisations like eBay,” said Ross Brewer, vice president and managing director for international markets at LogRhythm. “Breaches have become so commonplace that people simply expect businesses to fall victim at some point, which is resulting in them becoming numb to these types of stories.
“In fact, 45% said they felt it was inevitable that their data would eventually be compromised,” he added.
Brewer believes that such complacency may creep into the enterprise, leading to a laissez-faire attitude towards security.
“These attacks and software vulnerabilities can potentially wreak havoc, not just for individuals, but for the organisations themselves. If their employees fail to be cautious online, it will be the company that suffers the financial consequences.”