UK businesses received, on average, £237,402 worth of fines following data breaches or violations of data protection rules in the last 12 months according to new research published by ISMS.online.
Data breaches
Data breaches were the second most reported cybersecurity incident (36%) facing businesses after phishing attacks (39%). Respondents listed financial data as the most likely type of data to be compromised (50%), followed by customer data (48%) and employee data (42%).
This was one of several findings in ISMS.online’s latest State of Information Security report which surveyed 500 information security (infosec) professionals in the UK, comprising managers, directors, and C-level executives.
Need for information security budgets
Only 64% expect to increase their infosec budgets in the next 12 months and 54% intend to bolster their teams
According to the survey, businesses respond to cyber incidents by increasing information security budgets and team sizes. However, in many cases, this is too late with businesses facing heavy financial penalties following an attack, not to mention the immeasurable reputational damage a breach can cause.
Despite 90% of infosec leaders agreeing that leadership teams view strong information security as a top priority, only two-thirds (64%) expect to increase their infosec budgets in the next 12 months and just over half (54%) intend to bolster their teams.
Budget constraints
However, a significant cohort (39%) listed budget constraints as their top challenge signifying that many infosec leaders don’t think planned budget increases will go far enough.
Luke Dash, CEO, of ISMS.online, said, “The potential impact of breaches can be crippling for businesses with the average fine nearing a quarter of a million pounds. We see time and time again companies unaware of the potential impact fines could have on them, let alone the threat to reputation and customer loyalty."
Good information security practices
“Budgets are tight and businesses in the UK are facing rising costs across the board but not investing in key areas to do with cyber security is a false economy. Investing in infosec not only protects information assets but also builds trust, wins business, and highlights efficiencies that make a measurable difference to an organisation’s bottom line."
"In other words, good information security practices are good for business.” ISMS.online is a leading SaaS company empowering every business to achieve simple, secure, and sustainable data privacy and information security through its user-friendly platform.
- Network / IP
- Office surveillance
- Office security systems
- Office security
- Application security
- Industrial security
- Commercial security
- Security management
- Security policy
- Security devices
- Security installation
- Security tagging
- Security monitoring system
- Network monitoring
- Industrial security systems
- Security software
- Security service
- Industrial surveillance
- IP security solutions
- Testing & Approvals
- Integration software
- Cyber security
- Internet of Things (IoT)
- Corporate Security
- Central Monitoring
- Data Security
- Network Video Recorders
- Cloud security
- Artificial intelligence (AI)
- Smart home
- Smart Cities
- Machine Learning
