Many business leaders are failing to disclose if their business has been affected by a cyberattack or data breach (opens in new tab), a new report has found.
Research by password manager (opens in new tab) firm Keeper Security found that more than a third (36%) senior IT leaders kept a cyberattack to themselves, mostly due to the “weight of responsibility”.
Even though the General Data Protection Regulation (GDPR) demands businesses to disclose, as quickly as possible, when they suffer a data breach or cyberattack, many business leaders still decide to sit on this information.
- Here’s our list of the best endpoint protection software (opens in new tab) right now
- We’ve built a list of the best malware removal (opens in new tab) on the market
- Check out our list of the best firewalls (opens in new tab) available
Most organizations are aware of the problem, but many aren’t doing much to address it. Some have even relaxed their cybersecurity policies to allow their employees to work remotely (opens in new tab), signaling that for many - security has taken a back seat during the lockdown.
More than nine in ten (92%) of businesses in the UK suffered a cyberattack in the last 12 months, the report found. As a result, over three-quarters (78%) don’t feel prepared to deal with such a threat, while a third (31%) expect Chief Technology Officers (CTO) to carry this burden alone. CTOs, on the other hand, often make the problem worse, as 32% admitted to using weak credentials. They often use words such as “password” or “admin” for passwords.
Major risk for SMBs
It is then perhaps unsurprising that Keeper Security found how 58% of IT professionals feel employees at their organizations do not understand the full consequences of poor cyber-hygiene.
Even though the UK effectively abandoned the EU after Brexit, GDPR still plays a major role. Organizations that manage data from EU-based citizens still need to be compliant, and the UK’s own data protection policies are synchronized with those of the EU, as well.
SMBs that fail to protect their sensitive data could be forced to pay a fine, and would be looking at a ruined brand reputation and brand loyalty. Multiple studies have shown that customers would gladly abandon the company that gets breached and often worry about how the data they share with companies is being used. All these things can have a major negative effect on the bottom line.
- Here’s our rundown of the best antivirus (opens in new tab) out there