
UK Security Breaches On The Rise – Are You Taking Action?

Dec 8, 2015 | IT Security

Unfortunately, data security breaches are becoming more and more common, which means that UK businesses are being forced to re-evaluate their cyber security practices and data leak protection schemes. The issue of UK data security breaches is especially apparent given that, in October, British Gas was the last of three companies (including Marks & Spencer and TalkTalk) to fall victim to a data breach in the space of a week. It is important that we learn from these breaches and that businesses do everything they can to avoid the same thing happening to them.

British Gas did assure customers that the leak of their email addresses and account passwords was not the result of a cyber attack on the company and that none of their payment data was at risk. However, this did not reassure consumers, who would already have heard about Marks & Spencer customers being able to see each other’s account details and about the compromised personal information of four million TalkTalk customers.

Even though both British Gas and Marks & Spencer have claimed that their breaches happened as a result of internal error, rather than a third-party attack, it is vitally important that businesses now step up their security measures to keep the trust of their consumers. Richard Pharro, chief executive of APMG, suggests that it is a company’s board that must take responsibility for cyber security and that it is unacceptable for a director to claim to have no understanding of the security policy. He believes that many directors are under the illusion that their company’s compliance with standards means that they are sufficiently protected, but this is not true.

Compliance with security standards does mean that businesses are safe in low-risk situations. However, this compliance gives no indication of the potential risks that face the company, and it is important that these risks are regularly reassessed to avoid being caught out. In fact, a recent survey showed that 9% of data security mishaps have occurred as a result of employee fault, which means that no matter how much companies do to prevent outside threats from third-party attackers, it is equally important to address the risks within the business itself.

Even though the current fine for a UK company that breaches the Data Protection Act is £500,000, some people suggest that it is not high enough to scare businesses into taking their data security more seriously. However, the European Commission has planned changes for next year, including the General Data Protection Regulation, under which companies will be fined up to €100 million or 5% of their annual turnover if they breach the act.

These more stringent rules mean that your company should reassess its current data security policy, ensuring that all employees are trained to the required standard and are aware of the consequences of any mistakes, identifying any issues that need to be addressed and patching any holes that may exist. Failure to do so could cost you both financially and in the loss of your customers’ trust.
