31% increase in self-reporting of data breaches
There is plenty of evidence to suggest that data security tops the minds of IT Managers and all of those tasked to administer data-bearing assets, from planning and deployment, to utilisation and retirement. But there is a major gap and plenty of contradictions between stated policies and the reality on the ground.
ICT Reverse’s recent findings reveal that 9/10 senior managers are concerned about the possibility of a data breach, which could affect their company’s image, expose their organization’s data to outsiders and lead to unexpected and spiralling costs. Despite this, many companies still do very little to prevent breaches from taking place, especially when disposing of end of life assets.
Recent figures released by the Information Commissioner's Office (ICO) reveal a 31.5% increase in the number of data breach cases reported in 2016/17. A total of 2,565 cases were reported (up from 1,950 the previous year), of which the ICO sought to impose a civil monetary fine for just 17.
According to the figures published by the ICO on 8th May, health bodies were responsible for 41% of all data breaches self-reported to the watchdog last year.
Telecoms companies were also responsible for a greater volume of cases of self-reported data breaches last year. The watchdog said it received 1,005 notifications of breaches by the telecoms providers last year, compared to 613 in 2015/16.
Companies of all types will be under a new legal duty to notify data protection authorities of certain data breaches they experience under the new EU’s General Data Protection Regulation (GDPR), which comes into force on 25 May 2018.
The figures also revealed that the number of data protection concerns raised by the public rose to 18,354 in 2016/17, up from 16,388 the previous year. The biggest proportion of concerns raised (42%) related to individuals’ rights to access their personal data held by organisations, while 17% of cases concerned the disclosure of data.
Craig Smith, Managing Director at ICT Reverse, said: “We will continue to advise and educate our customers on the new GDPR legislation. Our account managers are working closely with organisations to help them to understand their obligations on end of life IT asset disposal”.