A year after the publication of the European Commission's draft revision to data protection legislation, which includes fines of up to one million Euros or two per cent of annual revenue for a data breach, penalties appear to be having had little effect on most firms' approach to information security, according to Iron Mountain.
It reckons that for the majority of companies, the threat of fines has little impact on their company’s data protection policies to protect sensitive information.
That said, the majority of firms are either already insuring or are looking at insuring their business against the financial impact of a data breach. Comments Christian Toon, head of information risk at Iron Mountain Europe: “Businesses of all sizes are failing to take appropriate steps to protect information. It seems many would rather insure against the cost of a breach than take steps to prevent it.”
PwC and Iron Mountain have launched an online tool to help businesses assess their exposure to information risk. The tool allows businesses to assess where they sit on an information risk maturity index, which represents a balanced approach to preventing information risk, including measures that evaluate strategy, people, communications and security. Their index is based on a set of indicators that, if put in place and frequently monitored, will help protect the digital and paper information held by an organisation.
Businesses can assess their exposure to information risk online at http://www.ironmountain.co.uk/risk-assessment
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE