Many IT decision-makers guilty of keeping cyberattacks secret
Instead of disclosing data breach info, they sit on it
Many business leaders are failing to disclose if their business has been affected by a cyberattack or data breach, a new report has found.
Research by password manager firm Keeper Security found that more than a third (36%) senior IT leaders kept a cyberattack to themselves, mostly due to the “weight of responsibility”.
Even though the General Data Protection Regulation (GDPR) demands businesses to disclose, as quickly as possible, when they suffer a data breach or cyberattack, many business leaders still decide to sit on this information.
- Here’s our list of the best endpoint protection software right now
- We’ve built a list of the best malware removal on the market
- Check out our list of the best firewalls available
Most organizations are aware of the problem, but many aren’t doing much to address it. Some have even relaxed their cybersecurity policies to allow their employees to work remotely, signaling that for many - security has taken a back seat during the lockdown.
More than nine in ten (92%) of businesses in the UK suffered a cyberattack in the last 12 months, the report found. As a result, over three-quarters (78%) don’t feel prepared to deal with such a threat, while a third (31%) expect Chief Technology Officers (CTO) to carry this burden alone. CTOs, on the other hand, often make the problem worse, as 32% admitted to using weak credentials. They often use words such as “password” or “admin” for passwords.
Major risk for SMBs
It is then perhaps unsurprising that Keeper Security found how 58% of IT professionals feel employees at their organizations do not understand the full consequences of poor cyber-hygiene.
Even though the UK effectively abandoned the EU after Brexit, GDPR still plays a major role. Organizations that manage data from EU-based citizens still need to be compliant, and the UK’s own data protection policies are synchronized with those of the EU, as well.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
SMBs that fail to protect their sensitive data could be forced to pay a fine, and would be looking at a ruined brand reputation and brand loyalty. Multiple studies have shown that customers would gladly abandon the company that gets breached and often worry about how the data they share with companies is being used. All these things can have a major negative effect on the bottom line.
- Here’s our rundown of the best antivirus out there
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.