Picture of John Meakin at Standard Chartered bank

UK security found wanting

UK business lags behind US on approach to data protection, says survey

Written by Tom Young

Computing, 22 Feb 2007

UK firms lag behind their US counterparts on IT security and data protection issues because of regulatory confusion and lack of awareness, say business groups.

Twice as many European businesses expect a major data loss in the next 12 months – 22 per cent, compared with 10 per cent in the US – according to a global survey by security supplier Symantec. And only 11 per cent rate corporate governance as critical, compared with 28 per cent of US firms.

UK business leaders say clearer legal requirements would redress the balance, pushing security issues onto boardroom agendas.

The UK would benefit from some elements of the US approach, says John Meakin, information security director at Standard Chartered Bank.

‘We would have a better understanding of the required security controls, and their cost, if we had a regulated framework such as the US,’ he said.

Corporate governance issues are handled differently under UK and US law. In the US, legislation specifies in detail exactly what firms must do, whereas in the UK regulations are at the level of principle, leaving more flexibility in how businesses comply.

We can learn from the US example without losing the benefits of our existing system, says Jim Norton, senior policy adviser at business group the Institute of Directors. ‘I prefer the UK principles-based approach, but the visibility of legislation such as the Data Protection Act at board level is very low,’ he said.

Compliance is not the only thing slipping through the gaps, says Norton. Enforcement levels are also low.

‘US firms will take more aggressive precautions regarding security because the consequences are more serious,’ he said.

‘For example, our data protection laws are adequate but the Information Commissioner has not been strict in enforcing them.’

But UK corporate governance models have the advantage of age, says David Roberts, chief executive of blue-chip user group The Corporate IT Forum.

‘The UK is at least as security conscious. And the processes are more rigorous, having been in place for 25 years,’ he said.

What do you think? Email us at: feedback@computing.co.uk

Related stories

Laws need to be enforced

EU security spend falls short

  • Have your say
  • Send to a friend
  • Print this
  • Share

reader comments

related articles

 
Communications

European net neutrality set to be restricted

Swedish Presidency aims to fast-track Telecoms Reform Package 23 Sep 2009

UK

UK companies lag behind their US counterparts in updating technology policies

Most UK organisations are failing to revisit and review the policies regarding document retention and electronically stored information (ESI), despite the widespread adoption of rapidly developing technologies, found the third annual ESI Trends Report 24 Nov 2009

Phorm

Phorm shrugs off EU probe into behavioural advertising

UK in EU hot water over Phorm’s controversial online advertising system 24 Apr 2009

related whitepapers

today's top stories

Internet

Face facts: social media is the future

No organisation can afford to ignore the way business communications are changing 18 Mar 2010

Security

Is the data watchdog about to pounce?

Experts believe the Information Commissioner’s Office is itching to use its new power to impose hefty fines for data breaches. Martin Courtney reports 18 Mar 2010

Management

Lloyd’s of London gears up for regulation

CIO Peter Hambling tells Angelica Mari about how the insurance market has updated its IT infrastructure to comply with new regulations 18 Mar 2010

Communications

Protests greet new Digital Economy Bill amendment

ISPs, digital rights groups and Liberal Democrat supporters cry foul 05 Mar 2010

Management

IT Leaders' Forum in association with IBM

A unique opportunity to hear from expert speakers and engage in a debate about the future of the CIO job function 29 Jan 2010

> More news

Advertisement

Subscribe

Keys to successful Serviceā€Oriented Architecture implementation

This white paper explores best practices and general design patterns for service oriented architecture (SOA).

The Roadmap to IT Maturity — Matching Strategy to Infrastructure for Business Success

This paper defines a roadmap for matching infrastructure strategy to business success.

Advertisement

Keep up to date with the latest products, services and technologies from the world's leading IT companies; ITHound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

Latest poll

NHS centralised data

NHS centralised data

Do you think the NHS can be trusted to safely look after personal data electronically?

View poll results

> More polls

Latest audio and video articles

Video

HP unveils S Series notebooks

'Prosumer' line overhauled 01 Mar 2010

Web Seminar Listings

Preparing for enterprise-scale Windows 7 migration

The web seminar on 18 Feb will discuss how Windows 7 migration can increase IT efficiency in large enterprises, freeing up budgetary and personnel resources to focus on business innovation. Our panel of experts will examine the strategies, tools and services IT leaders can use to migrate successfully and reap the rewards of increased efficiency. 19 Feb 2010

> More audio and video

Latest in-depth articles

Smiths Group CIO Brian JonesAnalysis

Q&A: Brian Jones, CIO, Smiths Group

How should conglomerates be looking at the new IT technologies coming through? Brian Jones explains. 19 Mar 2010

Analysis

What security strategy should enterprises adopt after the recession?

Act now to put your your firm on higher growth path advise CISOs 19 Mar 2010

> More in depth articles

Primary Navigation