Research from BT shows that 75% of UK employees either do not understand what is in their company's business continuity plan or do not know if their company has one.
Ray Stanton (pictured), global head of BT's business continuity, security and governance practice, said, "As the profile of information security has increased in recent years, so businesses have become more adept at addressing strategic issues like risk management, outsourcing and security auditing.
"The worry is that at the same time they have been forgetting about the fundamentals. Many can no longer see the wood for the trees. It's time for businesses and the security industry to go back to basics."
BT believes there are three key areas that need the most urgent attention by IT departments:
1) Encryption: Organisations are ignoring the importance of data encryption. The recent case involving HMRC, where disks containing unencrypted data relating to 25m people were lost in the post, is a case in point
2) Denial of service attacks: BT believes that the majority of DoS attacks, which can cripple websites or web-based services, can be avoided by using the latest threat management systems
3) Communication: BT believes that businesses need to do much more to educate their staff on their roles and responsibilities when it comes to protecting corporate data and ensuring business continuity
BT research reveals that nearly a quarter of employees (22%) say losing a mobile electronic device containing sensitive/private business information would not be a disaster.
But 38% who have lost a mobile electronic device admitted it wasn't secure.
In addition, whilst 41% know their company has a business continuity plan, they have either not taken the time to read it or do not fully understand what is in it.