Last year was one of the biggest years for data loss, with both digital behemoths such as Facebook and public sector organisations including government agencies and the police forcefinding themselves subjected to insider and outsider hacking and network vulnerabilities. Not only did this watershed year for data breaches massively undermine customer confidence, in addition to putting those customers at risk from further security issues, it wiped millions off company share values and massively damaged reputations and trust.
Data loss prevention has rapidly become big business. However, there is still not enough information or understanding within companies to minimise risk. New statistics released by the Information Commissioner’s Office has revealed that, despite understanding the implications of data loss, companies remain late in reporting data breaches and that, even when they do report them, they frequently come with an inadequate level of detail. Minimising the potential damage to their business remains a huge challenge.
Under the General Data Protection Regulation (GDPR) companies are required to report a breach to their local data protection regulator within 72 hours of detecting it. The reality, however, is very different with businesses taking an average of 60 days to first discover a breach and then a further 21 days to submit their reports to the ICO.
In the UK alone, 28% of companies face weekly cyber-attacks, 26% face them once a month and 24% face them daily, with businesses collectively encountering more security incidents on a daily basis than their counterparts in France, Germany and Sweden (Source: IDC). (https://www.teiss.co.uk/information-security/uk-firms-better-european-security-incidents/). Despite this, a further study specific to the Nordics has shown that more than 50% of businesses in the region reference cloud security and data-loss protection as their main IT-security priorities right now (Source: IDC) http://bit.ly/keepit-idc.
And then there is the cost. With average spend on cybercrime increasing dramatically, costs associated with crimes can financially debilitate companies which have not made cybersecurity part of their budget. The alternative however is unthinkable – just look at the Equifax breach which cost the company over $4 billion in total – significantly more than investing in the right systems and tools to help protect security and privacy.
What is clear is that, while the potential for data loss is becoming an increasing problem for organisations and while those organisations are recognising the importance of data protection, most companies do not have the technical know-how, skills, technologies or processes in place to either detect breaches in a timely manner, to properly report them or to realise the total cost to their business should the relevant tools not be put in place.
With digital transformation top of the agenda in what has increasingly become a data-driven economy, how can companies keep up with fast moving technology while simultaneously protecting their data in a way that does not open them up to further risk and that simultaneously protects their bottom line?
Today, there are multiple cloud and SaaS-based solutions which allow organisations to take a more hands-on-approach to data management and protection. What companies frequently bypass, though – either through lack of awareness or understanding - when adopting these solutions is cloud-to-cloud back-up – the piece of the security pie which protects those SaaS solutions, enabling businesses to adopt new cloud technologies without the fear of data loss. Simple to set up and deploy, businesses are now, in a few easy steps, able to find and recover historic data in a heartbeat. Practically, what this means is that both the 60-day window for discovering data breaches and the 21-day window for reporting them should dramatically reduce, minimising further damage to your business.
The introduction of blockchain – a complicated and overused (and often misused) term – is also creating opportunities for companies to find lost data across time and instantly restore it, further minimising the risk to productivity. A distributed ledger, it offers transparency, decentralisation and data integrity to businesses, enabling those businesses to both track their data and to stay compliant by being in a position to provide that data to auditors when needed.
So, for those companies looking to better manage the security of their data, when rolling out those SaaS-based solutions, think about the back-up part from the very start of the process. After all, it’s no good investing time, money and resource in getting up to speed in technologies which can protect data loss if the you have no way of tracking it the minute it’s lost. Invest, back-up, be safe, and be content in the knowledge that you can find that missing data and avert a crisis of share value, reputation and trust when it all goes wrong.