Half of UK firms lack handle on security breaches

Summary:Forty-nine percent of UK companies do not know how many security breaches they have suffered in the past year

Just under half of UK companies do not know how many security breaches they have experienced in the past year, according to research by accountancy firm PricewaterhouseCoopers.

By contrast, in China only seven percent of firms have no idea how many times they have been hacked or suffered a security breach in the past 12 months.

"The concern is, if you don't have a concrete view of how many security incidents you've had, how can you make informed choices around budgets and prioritisation of resources?" William Beer, PricewaterhouseCoopers (PwC) director of assurance, told ZDNet UK on Thursday.

Beer said that while most UK companies keep logs of intrusion into their system, many do not then look at those logs.

In addition, six out of 10 UK companies do not know where customer data is being held and transmitted, according to a survey undertaken by PwC.

"Clients are struggling with that in the UK," said Beer. "Government clients have certain obligations to fulfil, but we've seen instances of government organisations falling foul of the law."

The problem often lies with third party providers, said Beer. UK data protection law stipulates that sensitive customer data may not normally be stored outside the EU. However, many of the large cloud providers are based in the US, meaning that data can accidentally be sent to the wrong jurisdiction.

Beer recommended that businesses use data-tagging or tokenisation of sensitive data destined for the cloud, so that information will not unintentionally go astray.

The PwC survey, entitled Global State of Information Security, polled 7,000 security professionals around the world.

Last April, a PwC survey found that companies should not blame individual employees for data breaches

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.