New Research from Quocirca Reveals UK Firms’ Lack of Confidence in Data Security Measures
With data breaches and cyber threats on the rise globally, confidence amongst UK businesses in the adequacy of their current data security measures has fallen.
Quocirca just released "Room for Improvement," its latest research into data protection efforts amongst enterprises in the UK. Perhaps the most significant finding from Quocirca was that only 29% of the organizations surveyed were very confident in the security of their data – a number that is without a doubt reflective of the current state of cyber threats and data breaches making headlines.
Beyond gauging businesses’ confidence levels in their security programs, the research also examined the potential causes for this lack of security confidence as well as the factors driving higher levels of confidence at some businesses. Ultimately, Quocirca identified three factors that combine to instill higher degrees of confidence in data security measures: employee education, adoption of data security technology, and coordinated security policies.
Employee Education Drives Security Confidence
It’s no surprise that employee education is a major contributor to any organization’s security posture. More surprising was Quocirca’s finding that lack of security education wasn’t just limited to non-security personnel:
- 39% of respondents did not feel that their security team was ‘highly knowledgeable’ on the topic of data protection, rising to 77% amongst the general IT team
- 36% of respondents rated senior management as ‘unknowledgeable’, rising to 47% amongst employees in general
Security Confidence is Diminished when Organizations Fail to Adopt Adequate Security Solutions
The research also found that while many companies had adopted traditional security technologies such as web and email filtering, most had failed to adopt advanced data security solutions:
- 64% have no digital rights management
- 60% do not monitor user behavior
- 51% do not deploy next generation firewalls
- 48% have no data scanning or classification of data
- 47% have no data loss prevention technology in place
Confidence Improves when Organizations Enact Coordinated Data Security and Incident Response Policies
Finally, the organizations that reported the highest levels of confidence in their data security measures were those that combined user education with adequate data security technologies in coordinated policies for data security and incident response. Among Quocirca’s key findings:
- Businesses with a coordinated response policy were more than twice as likely to be ‘very confident’ about defending data against the accidental actions of employees, compared with those with a more fragmented approach (34% vs 15% respectively)
- When looking at more malicious data breaches, those with a coordinated approach were three times as likely to be ‘very confident’ about defending data against criminal hackers (31% vs 9% respectively)
While Quocirca’s “crisis of confidence” amongst UK security teams may be concerning, organizations that successfully address these three factors can take confidence that their security measures are robust enough to keep their data safe and respond correctly when it is put at risk. Download Quocirca’s "Room for Improvement" report to learn more.