Organizations are becoming increasingly cognizant of the risks presented by data breaches. As far too many businesses have discovered, lost, stolen or exposed information can have a devastating impact, ranging from a competitive disadvantage to upset customers to fines levied by regulatory agencies.
With all of these potential penalties in mind, it is obvious that businesses of all kinds have a strong incentive to implement secure file transfer solutions and other tools and strategies which can reduce the risk of a breach. Yet as a recent study demonstrated, many IT professionals seem to under-appreciate the significance of data breaches, and may therefore not take sufficient steps to avoid such incidents. It is therefore critical for business leaders and decision-makers to take a strong stance when it comes to implementing data protection solutions.
The study, conducted by Stollznow and commissioned by Imation, included input from a wide range of Australian IT professionals, asking these individuals to highlight their biggest concerns regarding the consequences of data breaches, ZDNet reported. The most popular response, provided by 61 percent of participants, was the need to "fix the mess." This was followed by the possibility of bad media coverage at 57 percent and the possibility of fines, noted by 52 percent.
"Their personal concern is more about, 'Gee, I've got to do some work!'" explained Neil Stollznow, quantitative director for Stollznow.
Notably, less than half of participants indicated that they feared a data breach would result in a loss of customers for their businesses. Only one-third of responding IT professionals feared they would potentially lose their jobs if a data breach occurred.
However, when it came to the businesses themselves, the possibility of reputation damage was the greatest concern, cited by 60 percent of firms. This was followed by financial costs and the threat of exposed intellectual property.
As these numbers suggest, business leaders in Australia do not seem to have the same concerns when it comes to data protection. This is problematic for two reasons. First, it is clear that the IT workers who participated in this survey do not take data breaches as seriously as their employers. While presumably none of these personnel want to take on additional work, this alone is a relatively minor threat, and therefore unlikely to have a major impact on these professionals' behavior. They are therefore more likely to engage in behavior which may put corporate data at risk.
Second, IT professionals have more responsibility for ensuring that proper data protection policies are devised and implemented within a given organization than any other employees. If these workers do not appreciate the seriousness of a data breach, it is unlikely that non-technical employees will be more concerned about data integrity.
Business decision-makers must take steps to remedy this situation. Most importantly, they must convince all employees, including IT personnel, of the severity of data breaches, and then work with these professionals to create and enforce effective policies for preventing such incidents.
There are several key steps to achieving this goal. One of the most important is simply taking the time to educate personnel. Executives, managers and other business leaders should create training sessions for IT professionals and all other relevant employees which highlight the frequency of data breaches, the typical consequences and how they may be prevented.
Additionally, business leaders should establish harsher penalties for failure to abide by data security best practices. This is critical for ensuring that workers utilize the secure file transfer and other data protection tools that are available.