One in three IT professionals fears a major data security breach – accidental or malicious – could put them out of business, research has found.
A survey of 1400 IT professionals from companies with more than 250 employees in the UK, US, France, Germany and Australia found that 60% had experienced a data breach in the past year, and only 6% could say with certainty that they had not experienced one in the previous two years.
But although 33% of respondents said a major data breach could destroy their business, the average spend on data security was just 0.5% of overall IT budgets, the research conducted by Datamonitor for security firm McAfee found.
The research, released at the Infosec security show in London, found that a data breach exposing individuals’ personal information would cost companies an average of £134,000 just to inform their customers – even if the lost or stolen data was never used.
Just under a quarter of those surveyed were able to provide an estimate of the total annual cost to their business of data leakage, with an average cost of £910,000.
The survey found that 61% of the IT professionals thought “insiders” were behind data leaks, with 23% saying they believed the leaks were malicious. But 46% admitted their companies did not debrief or monitor employees who have given notice and are about to leave the company.
Dave DeWalt, president and chief executive officer at McAfee, said: “Six in ten companies admitting a breach in just the past year is ample proof that more needs to be done to address this very serious problem.”
He added: “Awareness alone isn’t enough. To protect customers, employees and shareholders, data loss prevention needs to become a top priority at every level of the organisation, from the board room to the lunch room.”