Over half of U.K. firms have lost data

Computerworld UK - An astonishing 55% of British companies have lost data, according to a new report of 785 IT professionals in the U.K.

Conducted by the Ponemon Institute LLC, the survey found that 49% of them have had over two breaches in the last two years.

Around two-thirds of respondents said negligence, including that of outsourcers, was responsible for data breaches, compared with only 10% who said hackers were a major cause. A third said insiders were a threat.

Many firms were unable to track data breaches and find the source of the problem. Some 44% said they were not confident they could even detect a breach in the first place, and over half take several weeks to notify any customers affected.

Only 3% were tracking changes made to data, such as when account details are updated, even though 91% said this was an important part of tackling the problem.

Six in 10 firms said networks were one place they saw as having a high risk of data breaches, and 51% said mobile devices were a threat. But it was not just technology that was at risk, as over half reported that paper files were a problem.

A worrying six in 10 have not assigned responsibility for detecting and responding to data breaches. But 25% said it was the job of the chief information officer.

Atul Bhovan, U.K. technology manager at Compuware Corp., which commissioned the survey, told Computerworld U.K.: "Businesses just don't have enough information for an effective root-cause analysis when there is a data breach."

"They need to identify who is doing what, and if there's a breach, how many customers are affected. It's not just a case of addressing who can access data, it's also about recording transactional screens to aid forensic investigation if any problems happen."