Unpredictable security threats such as the CryptoLocker malware and Heartbleed bug have become a growing neurosis for UK organisations, forcing many some to re-write their security policies in the last year, according to Databarracks’ annual Data Health Check.
The firm’s questioning of 400 UK-based IT ‘decision makers’ found that 29 percent admitted reviewing and revising security policies in the light of threats, particularly medium-sized organisations in the public sector and finance.
An alarming 35 referenced CryptoLocker ransomware infections, ahead of 34 that had experienced keyloggers and 30 that were simply worried about the implications of the Heartbleed OpenSSL bug made public earlier this year.
Databarracks didn’t ask what form the responses took but did note that 21 had not made any revisions despite experiencing incidents.
Another interesting finding was that while the use of online and cloud backup had reached 43 percent of respondents, 17 percent still used old-fashioned tape when storing backups offsite. About a quarter were using a mix of the two approaches for backup.
Half decided what data to keep on the basis of compliance requirements that had a specific time period attached while 18 percent said they’d keep data indefinitely. Despite the predations of malware such as CryptoLocker, the leading cause of data loss was simple hardware failure (21 percent), ahead of software (19 percent) and human error (18 percent) and data corruption (15 percent).
Large businesses were, not surprisingly, the most likely to have a disaster recovery plan in place, smaller forms less so. Despite this, only 52 percent cited a business continuity plan when asked.
Forty-one percent of small businesses had no plan, something that wasn’t likely to change in the next year.
When it comes to ransomware, backups are the only guaranteed defence, as four firms in Yorkshre recently discovered to their credit.