06 Jun 2008
Public demand for EU or UK legislation mandating the disclosure of data breaches is growing, according to recent research by Symantec and Ipsos Mori.
The results showed that 96 per cent of the general public would want to be notified in the event of their personal details being lost or stolen.
The loss of bank account details topped the list for notification at 85 per cent, followed by passport number at 52 per cent.
"The survey shows that the resounding majority of the general public would want to be told if their personal details were lost," said Richard Archdeacon, director of global security at Symantec.
"This adds weight to the current debate for the introduction of an appropriate law on notification. But, by addressing the issue of data loss in the first place, prevention is a greater asset than notification."
However, research by content security firm Clearswift suggests that nine out of 10 UK IT managers believe that the general public should not be informed if a data breach occurs, and 61 per cent do not even think that the police should be informed.
Surprisingly, 60 per cent of the UK respondents to Clearswift's poll were unaware of the possible introduction of data breach notification legislation. When informed, half were in favour of such legislation being implemented.
"Given the recent debate around possible data breach legislation, it is surprising to see the lack of awareness on the subject," said Stephen Millard, vice president of strategy at Clearswift.
"This research shows that, when faced with the prospect of having to air some dirty laundry in public, companies are not confident that they will emerge in a positive light.
"This demonstrates the necessity of having appropriate measures in place to protect and secure sensitive information, and for the IT community to accept responsibility for the information they manage."
Symantec's latest Internet Security Threat Report found that one in four data breaches occurs within government departments.
"Most data breaches are accidental but, irrespective if they are malicious or not, the loss of personal data can have a huge negative impact on an organisation's reputation," said Archdeacon.
"Data breach notification legislation would be an important step to increase data security and ensure that organisations are aware of their requirements and obligations."
The majority of those polled by Clearswift said they have some kind of security measure in place to protect against data loss.
Of those without security measures, 30 per cent said this was because they trust their employees and 20 per cent because of budget restrictions.
Aiding criminals
If criminals get data as a result of a breach and the public has not been notified of the breach, the company which allowed the data to get out are guilty of aiding the criminal. They should then be punished to the full extent of the law and forced to make good all losses suffered by the public whose data was involved. It would then make companies aware of the value of the data they hold and take appropriate measures.
Posted by: misceng 12 Jun 2008