
Data Protection Breaches Can Cost Your Business Millions

Dec 17, 2014 | IT Security

A recent survey has revealed that British businesses in breach of the Data Protection Act (DPA) had to pay penalty charges of £2.17 million between January 2013 and October 2014, even though compliance with these rules is mandatory for companies. The Information Commissioner's Office (ICO) issued over 60 infringement notices during this 21-month period.

Worryingly, the vast majority of the data breaches, a huge 94%, were failures to comply with the DPA’s 7th principle.

According to IT firm IT Governance, one of the most common reasons these notices were issued was poor information security. Other breaches included the simple mistake of sending a fax to the wrong person. However, it is noteworthy that many offences were more serious and damaging than these.

On average, each incident of an online data breach or cyber attack cost companies over £52,000; penalty fees were more severely enforced in these situations. Other data protection breaches, such as losing a file or device, would have cost companies around £35,000.

These findings suggest a lack of care with regard to data protection and information security. The high number of breaches also shows that companies need to monitor their data processing systems more diligently, both to ensure that all processing is authorised and lawful and to reduce the amount of data they misplace, damage and lose.

However, because cyber criminals are becoming more and more sophisticated, it is incredibly difficult for businesses to ensure total protection of their data, as they can’t completely secure all access points into the company.

Alan Calder, founder and executive chairman of IT Governance, says that “With the proposed EU Data Protection Regulation expected to come into force next year, and the continued proliferation of data breaches, companies cannot afford to be complacent about data protection and information security.”

He recommends that they turn to ISO 27001 to address not only the strategic but also the operational aspects of the security of their information, and that they should always comply with all principles of the DPA, not just principle 7.

If you would like to find out more about your obligations as a business under the Data Protection Act then give us a call today on 0845 600 4696 or fill in our enquiry form and we will get in touch.
