Two-thirds of organisations hit by data breach in last year

Data breaches are rising in number

More than two-thirds (70 per cent) of UK organisations have been hit by at least one data breach incident within the past year, up from 60 per cent in the previous year, according to research from the Ponemon Institute.

The number of firms experiencing multiple breaches was also up, with 12 per cent of respondents admitting to more than five data loss incidents in the 12-month period, up from three per cent a year ago.

Only 57 per cent of these incidents were publicised, as there is currently no legal requirement to do so in the private sector, though firms must report breaches to the Information Commissioner's Office (ICO).

The public sector experienced the highest number of data loss incidents in the last year, reporting an average of 4.48 breaches per organisation.

Financial services firms were the next most likely to suffer data loss with an average of 3.11 incidents per year, followed by the education sector with 2.74, healthcare and pharmaceutical firms with 2.65 and the professional services industry with 2.52 incidents a year. The entertainment, media and defence sectors reported no data breaches.

There is increasing appetite for solutions that can alleviate the task of managing encryption keys across the whole of the organisation, said Dr Larry Ponemon, chairman and founder of The Ponemon Institute.

“On the whole, UK businesses are looking closely at platform-based encryption solutions – with built-in key management capabilities – rather than point solutions supplied by multiple vendors," he said.

"This doesn’t just make sense from a management or cost point of view. This study clearly illustrates that a unified approach reduces the risk of data loss. "

Despite the rising number of data breaches, UK organisations are aware of the consequences of such incidents, with 61 per cent of respondents stating that data protection played an important or very important role in an organisation’s overall risk management efforts.

Some 46 per cent felt encryption helped them meet privacy commitments and 45 per cent believed encryption was a critical factor in protecting a company’s reputation.

Recent research, also conducted by the Ponemon Institute, found that the average UK data breach costs a total of £1.7m - the equivalent of £60 for every record compromised.

The survey polled IT security professionals at 615 enterprises and public-sector organisations and was conducted on behalf of vendor PGP Corporation.