Tuesday, 10 December 2013

59% of Irish businesses review IT security procedures following high profile data breaches


Integrity Solutions, Ireland's largest IT security specialist, today announced the results of a survey which focuses on the latest security threats for businesses in Ireland, with 130 IT and security professionals surveyed.

The research was carried in November 2013 and included attendees at the recent IRISS (Irish Reporting and Information Security Service) cybercrime conference in Dublin. The survey found that 59% of organisations have reviewed their IT security procedures following reports of recent security breaches such as the one at Loyaltybuild.

The largest security fear for Irish organisations today is loss of confidential data which was highlighted by two thirds (66%) of respondents. The other leading concerns were reputational damage (57%) and disruption to service (52%).

When asked about how long it would take for their organisation to become aware of a data breach, only one in ten said they would know about it in minutes. 38% said it would take hours, 36% said days and 16% said it would take weeks before they became aware.

Just under two thirds of businesses (62%) have an incident response plan in place to handle data breaches or compromised systems. Almost a quarter (22%) admitted that they don't have any plan in place to cover an incident and 16% weren't aware of any response plan.

Sean Rooney, technical director, Integrity Solutions, comments on the results:

"It shouldn't come as a surprise that so many Irish businesses are reviewing their procedures following so many high profile IT security incidents recently. The fear of losing confidential data is very high at present in Ireland. Businesses need to do everything in their power to guard data so that consumers are protected at all times. It's interesting to note that reputational damage is the next biggest concern, as any data breach can have serious consequences for an organisation's brand.

"A very worrying finding from the survey is the length of time that would lapse before an organisation would become aware of a data breach. Just one in ten said it would take minutes, with more than a half saying it would take days or even weeks. It's also concerning that a lot of businesses don't have any incident response plan in place to handle data breaches.

"This lack of a cohesive security plan isn't acceptable any more. There are no hiding places for businesses that leave gaps in their security defences. The longer it takes a company to respond, the worse the outcome will invariably be.

"We would recommend that all organisations carry out an extensive review of their security procedures if they haven't already done so. They then need to implement effective and appropriate security plans so that their employees and customers are always protected. With the correct policies and tools in place, they can confidently remain one step ahead of the ever-growing cyber security threat."