Human error risks multiply as UK dependence on technology grows

The 2008 Information Security Breaches Survey undertaken by PricewaterhouseCoopers for BERR, says that 67 per cent of UK companies have no measures whatever to prevent data being copied onto and/or leaving their premises on memory sticks, while a staggering 78 per cent of UK companies reporting stolen computers also admitted that the hard disks weren’t encrypted.

Research into data security breaches in both the public and private sectors suggest that, while technical and IT responses to external and internal threats have improved significantly, the human factor remains a major problem.

And while the BERR Information Security Breaches Survey concludes that 84 per cent of UK businesses are heavily dependant on their IT systems, customer facing public sector bodies are close to 100 per cent reliant on IT and database management.

PwC’s extensive expertise in data security risk assessment suggests that organisations should set out and implement seven clear data security goals:

• Understand the security threats they face including the value (legitimate and criminal) of data within their organisation;
• Undertake a risk assessment to identify areas that are exposed and ensure future investment is targeted in the right areas;
• Integrate security into normal business behaviour, through clear policy and staff education;
• Deploy integrated technical controls and keep them up to date;
• Respond quickly and effectively to breaches, e.g. planning ahead for contingencies;
• Integrate their approach to governance, risk management and compliance; and
• Test that security controls in place are effective.

Contact details
Email: Gerry Carson
Tel: +44 (0)28 9041 5366