Sixty-one Percent of UK IT Leaders Willing to Cover Up Data Breaches
UK IT leaders are alarmingly willing to cover up a data breach, with more than 3 in 5 (61 percent) saying they would do so if it meant they could escape fines, a new report reveals.
Senior business leaders are more willing than managers or directors to cover up their organisation falling victim to a data breach, with 71 percent at C-level saying they would do so, compared to 57 percent of the latter category.
Key Findings include:
- Despite 83 percent of businesses providing cyber training to staff at all levels, several factors are highlighted as major challenges to employee engagement.
- 66 percent say that they were hampered by a lack of skilled resource in-house to conduct the training and were challenged by an unwillingness to change process and behaviors.
- 55 percent of IT leaders pinpoint a lack of support from the board and wider C-suite as a challenge, as well as a lack of best practice guidelines to work towards and implement (63 percent).
- Cloud and Internet of Things (IoT) were revealed to be the emerging technologies most widely seen as a threat to organizations, at 63 percent and 62 percent respectively.
- 80 percent confirmed that they are using these kinds of emerging technologies to “better identify threats to their business”.
- 30 percent of the average cybersecurity budget is spent on meeting compliance needs.
- While 92 percent of respondents are aware of meeting compliance needs, just 32 percent completely understand how it builds on GDPR and 37 percent are unaware of how it will affect their organization.
- 28 percent of organizations provide security training when employees join, and this lack of immediate training leaves them at risk.
- Only 63 percent of businesses update training and repeat annually.
- 83 percent have a plan in place if they were to become a victim of a data breach.
- 71 percent of the former category see BlockChain as a threat.
- 77 percent of organizations have plans in place to revisit or update their business approach to cyber security, based on emerging or future technologies.