Data / Cyber Security â a business imperative in todayâs world of cybercrime

There are several reasons why, in today's world of data and cyber crime, data and cyber security are so vital. The three main reasons are:

1. The Data Protection Act ...

... makes data security a legal requirement of any data controller. Principle 7 of the DPA states that "appropriate technical and organisational methods shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data"

2. Increasing number of data breaches ...

Ranging from virus and malware attacks, denial of service, network penetration and theft of data or IP, almost every day sees a data or cyber security breach.

81% of large organisations* suffer breaches at avg: £600K - £1.15M*

60% of SMEs* are affected by breaches at avg cost: £65K - £115K*

In addition,

31% of all breaches were caused by human error*

a further 20% by deliberate misuse of systems by staff*

45% of phishing attempts succeed**

suggesting that staff training and development and distribution of appropriate policies and procedures are becoming vital.

* stats from UK 2014 Information Security Breaches Survey / ** stats from Google December 2014 report

3. High costs of data breaches ...

A necessarily brief summary of cause and effect are illustrated below:

A data breach is costly, both in terms of reputation and cost, which can and does ruin businesses. It is helpful to invest in a security education and awareness programme to raise the profile of risk throughout the business, starting at Board level - in my experience, too often if such an initiative does not start at the top, it is doomed to failure.