Home » Managing » Cyber Security » UK firms lag far behind European competitors in data protection

UK firms lag far behind European competitors in data protection

Praseeda Nairby Praseeda Nair

A new study has found that the UK consistently trails behind the rest of Europe when it comes to information risk and protecting sensitive information.

For third year running, UK firms have fallen behind their European counterparts when it comes to managing and responding to information risk.

UK mid-market firms were given a score of 55.9 out of 100 this year in the latest Information Risk Maturity Index from security firm Iron Mountain and global business consultants PwC.

This puts them far behind leading European country Hungary, which had a score of 60.2, and is not not much improvement from last year’s UK score of 55.4.

Despite a string of high-profile data breaches and upcoming reforms to EU data protection legislation, businesses appear to have reached a plateau and may not be fully equipped for cyber security risk.

‘UK firms have some way to go if they are to catch up with their European counterparts,’ said Phil Greenwood, commercial director at Iron Mountain. ‘For the third year running they have failed to match the average European score. It is critical that companies address this if they are to adopt a responsible-yet-proactive approach to information risk and value, not just to protect the business, but to help it thrive.’

Based on the findings of the Information Risk Maturity Index, Iron Mountain has identified a set of steps and actions to help businesses improve their data security.

This includes making information risk a boardroom issue by ensuring that it is a permanent point on the board’s agenda, that there is a senior individual on the Board responsible for it, and that it is embedded into how the Board monitors overall corporate performance.

It also advises a change in workplace culture, and stresses the importance of designing and delivering information security awareness programmes, having the right guidance available for every person at every level, and rewarding and reinforcing good behaviours throughout the organisation, from the most junior to the most senior employee.

Lastly, businesses need to put the right policies and processes in place – and ensure these cover all information formats (electronic, paper or media). Also, it is important to define any vulnerabilities relating to manual information handling, establish whistle blowing protocols, and review and test all systems and processes on a regular basis.

Praseeda Nair

Praseeda Nair

Praseeda was Editor for GrowthBusiness.co.uk from 2016 to 2018.

Related Topics

Data

Related Stories

Cyber Security

12 cybersecurity questions every VC should ask

VC portfolio companies can suffer a one-third drop in enterprise value if they’ve been crippled by a cyber attack. Ian Shelby says there are a dozen questions VC investors need to ask potential investments

Cyber Security

Five ways to boost SMB cyber defence so you can focus on growth

Want to boost your cybersecurity? Check out these five ways to strengthen your defences against attacks

Cyber Security

Cloud security posture management (CSPM): A must-have for modern businesses

Here, we talk about what cloud security posture management (CSPM) is and why you need it for your business

Cyber Security

Why securing a hybrid work environment is essential against DDoS

Hybrid working offers cyber criminals even more opportunity to ransack company systems, holding them to ransom. That’s when you need to call in a cybersecurity expert