Select a region
Data security experts Logicalis think reported security breaches are just the tip of a data breach ‘iceberg’ and the total could amount to at least four times what official figures show.
Logicalis think that figures will rise dramatically when EU General Data Protection Regulations (GDPR) come into force next year.
Just 52 data protection offences were reported in Jersey in 2016, and 43 in Guernsey, according to figures from the Office of the Data Protection Commissioner and the Office of the Information Commissioner. But Logicalis think that only a small number of breaches are reported because there is currently no obligation for organisations to do so. Starting from May next year, EU GDPR will make it mandatory to report those breaches.
Tom Bale, Business Development and Technical Director, Logicalis (pictured), said: “KnowBe4, a security service we work with, suggests less than a quarter of organisations affected by ransomware admit to it. Many don’t even realise they have suffered a security breach until months after the incident so systems, and the data they contain, could be left compromised for long periods. This means the real figure for data breaches is likely to be much, much higher than reported figures.”
According to the Verizon 2017 Data Breach Investigations Report, financial services, health care, and the public sector are the target in one fifth of cyber attacks, with ransomware attacks the fastest growing threat, doubling from 2016.
Data breaches from financial companies in the UK rose by 25% last year. Figures from the UK’s Information Commissioner show the number of data breaches reported by banks, insurers and other financial companies increased from 114 to 140 from March 2016-2017.
The UK Government has confirmed it will introduce a new Data Protection Bill this autumn bringing EU GDPR into UK law ahead of Brexit.
Mr Bale said: “The first step in addressing data security is recognising that cybercrime is an issue that affects everyone from big financial companies to small local businesses. Hacks such as the recent HBO attack, where cybercriminals leaked Game of Thrones scripts, make people think cybercrime only affects high profile organisations. While these organisations are clearly targets, smaller organisations which don’t take data security seriously are at a greater risk.
“Round the clock monitoring, such as through a Security Operations Centre, is the only way to know who is accessing your system, while proper maintenance and management are vital for keeping systems up to date, backed up, and working as reliably as possible. That way when the data security iceberg hits, you will be prepared and protected.”
Comments
Comments on this story express the views of the commentator only, not Bailiwick Publishing. We are unable to guarantee the accuracy of any of those comments.