90 percent of data breaches were preventable!
23rd January 2015
I recently read an article on ZDNet entitled ‘Over 90 percent of data breaches in first half of 2014 were preventable’. That is both a worrying and scary statement.
The gist of the article was that, of all the security and data breaches studied in the first half of 2014, 90% were preventable. If only staff had followed their organisation's guidelines and policies, the breaches may not have occurred. So we must ask the question: why? Why was the guidance ignored? Was it recklessness, negligence, apathy, or a combination of all the above?
When we go into companies to offer training, one of the first things we do is take the temperature of team members to gauge their ‘compliance ethos’. Some are unaware of the importance of compliance, some believe the guidelines too strict, some think that data protection does not apply to their role, and others are possibly over-zealous. What we can say with certainty is that once you explain and demonstrate the importance of information governance, data protection and cyber-security, and show how this directly affects brand reputation, image and trust, attitudes change for the better.
It is not enough to just batter your team with tales of penalties issued to other organisations, or fines, notices or undertakings. However, once you explain how, when DP fails, it negatively affects the end-user, and how good IG can protect the organisation and make it more profitable, you are in a better place to gain their trust and, importantly, get their buy-in.
Once your team get the importance of data protection, feel empowered and take possession of the issue, they will actively look for vulnerabilities, seek out and identify solutions and become the front line of defence in this ongoing battle of compliance.
Data Protection Consultant & Trainer