More than half of mid-sized businesses across Europe would refuse to do business with an organisation which has suffered a data breach, despite the fact many see data loss as just another part of everyday business.
That is according to the second annual pan-European Information Risk Maturity Index by global information management firm Iron Mountain and professional services provider PwC, which examined how companies expect to respond to information risk.
It found that companies are experiencing up to a 50 per cent increase in data breaches per year. The report suggests European firms' approach to data management is marred by confusion, inconsistency and double standards.
The study reveals that despite the risks to business revenue and credibility associated with data loss, more than 60 per cent of organisations surveyed believe cutting costs is more important than investing in proper protection against the loss of data. Many of the businesses told Iron Mountain and PwC that they do not have a proper risk information strategy in place.
"There is a growing gap between attitude and action at a time of increasing complexity and rising threats to information security," said Christian Toon, senior information management and security professional for Iron Mountain.
"Businesses are unsure what to do or where to turn. It is critical that they adopt a responsible approach to information management, not just to deserve and preserve their brand reputation and customer loyalty, but to ensure that other firms will want to keep doing business with them."
Meanwhile, PwC risk assurance partner Claire Reid warned that too many organisations are too complacent with their approach to protecting information.
"Too many European companies continue to undervalue their information assets and overestimate their ability to protect them. This is no longer a lack of awareness; it's a lack of action," she said.
"Information underpins market position and customer confidence, and any kind of information loss can deliver catastrophic reputational damage.
"As information breaches increase at a spectacular pace, European companies need to understand that failing to take action to safeguard information means they will almost certainly become a victim."