An astonishing 55% of British companies have lost data, according to a new report of 785 IT professionals in the U.K.
Conducted by the Ponemon Institute LLC, the survey found that 49% of them have had over two breaches in the last two years.
Around two-thirds of respondents said negligence, including that of outsourcers, was responsible for data breaches, compared with only 10% who said hackers were a major cause. A third said insiders were a threat.
Many firms were unable to track data breaches and find the source of the problem. Some 44% said they were not confident they could even detect a breach in the first place, and over half take several weeks to notify any customers affected.
Only 3% were tracking changes made to data, such as when account details are updated, even though 91% said this was an important part of tackling the problem.
Six in 10 firms said networks were one place they saw as having a high risk of data breaches, and 51% said mobile devices were a threat. But it was not just technology that was at risk, as over half reported that paper files were a problem.
A worrying six in 10 have not assigned responsibility for detecting and responding to data breaches. But 25% said it was the job of the chief information officer.
Atul Bhovan, U.K. technology manager at Compuware Corp., which commissioned the survey, told Computerworld U.K.: "Businesses just don't have enough information for an effective root-cause analysis when there is a data breach."
"They need to identify who is doing what, and if there's a breach, how many customers are affected. It's not just a case of addressing who can access data, it's also about recording transactional screens to aid forensic investigation if any problems happen."
This story, "Over half of U.K. firms have lost data" was originally published by Computerworld UK.