Published on 17 November, 2015
|This year, Shred-it is an official Fraud Week supporter and calls for further
legislation on data security education
UK businesses are putting themselves at risk of fraud resulting from a security breach by not assigning an employee to be responsible for information security education and implementation within their organisation, the UK’s leading information destruction expert, Shred-it, has warned.
Nearly half (46%) of small business owners have no employee responsible for managing data security issues a Shred-it survey conducted by Ipsos MORI found, compared to just 8% of C-suites. Even more concerning, more than a quarter (27%) of small businesses do not have information security policies and procedures in place; a third of those who do admit to never training their employees on these protocols, according to Shred-it’s State of the Industry report.
This year, Shred-it is an official Fraud Week supporter and to mark the event, Shred-it is calling on the UK Government to implement legislation to ensure all businesses have a dedicated employee responsible for raising awareness of the importance of data security, understanding changes to legislation and enforcing data security procedures in the workplace.
“There is a strong correlation between data security practices and data breaches. Introducing legislation which mandates an employee specifically responsible for raising awareness of data security in the workplace and implementing a ‘culture of security’, will help protect businesses against fraud and help them avoid financial or legal penalties,” says Robert Guice, Senior Vice President EMEA, Shred-it.
Since April 2010, the Information Commissioner’s Office (ICO) has issued over £7 million worth of fines to organisations that have experienced a data breach. Despite such high figures and the irreversible damage to a company’s reputation as a result of a breach, businesses are still not doing enough when it comes to data security.
To ensure all companies in the UK follow similar standards in Data Protection compliance, Shred-it urges the Government to introduce legislation which ensures organisations have dedicated employees responsible for managing and monitoring data security issues on a day-to-day basis. If data security is not made a priority, businesses are left exposed to data breaches, fraud, heavy legal fines from the ICO and other regulatory bodies, and loss of customers and business partners - all of which can cause irreversible damage.