Despite hefty penalties, UK businesses are failing to take appropriate steps to protect information

Cyber War

A year on from the European Commission’s revision to data protection legislation, new research from information storage and management company Iron Mountain reveals that more than half of UK businesses expect to lose data.

The commission can fine companies of up to €1m, or 2% of annual revenue for a data breach. However, these penalties appear to have had little effect on most firms.

Two-thirds, 66.7%, of UK respondents to the Iron Mountain survey stated that the threat of fines was having little effect on their company’s data protection policies to protect sensitive information.

However, 84% of respondents said that they have insured or are looking at insuring their business against the financial consequences of a data breach.

Iron Mountain head of information risk Christian Toon said: “The fact that more than half of European organisations see data loss as an inevitability is worrying. It illustrates that businesses of all sizes are failing to take appropriate steps to protect information. It seems many would rather insure against the cost of a breach than take steps to prevent it.

“By thoroughly understanding the risks to both paper documents and digital data, and by developing a culture of information responsibility, or what people are calling ‘corporate information responsibility’, firms can protect against data loss and restrict the impact of any breach to a minimum.”