on 13 November 18
In the digital age the threat of data loss is becoming more and more of a daily occurrence. High profile breaches such as Sony Playstation, eBay and more recently Carphone Warehouse has seen private information leaked or stolen which has resulted in brands hitting the headlines for all the wrong reasons.
That said data security isnât only an issue that needs to be considered digitally.Physical data breach is something that is still a huge threat to organisations and can yield the same results if sensitive information falls into the wrong hands.
One of the most high profile cases in recent times relates to when the serious fraud office accidentally sent over 32,000 pages of confidential documents relating to an investigation into BAE systems to the wrong person. This is a result of human error but whether accidental or malicious the outcomes are same.
High profile cases usually end up with the corporate brand being dragged through the mud. The company responsible for the loss of information has a duty to inform those directly affected which ultimately ends up in the press. Consumer, investor and shareholder confidence is directly impacted resulting in financial, operational and legal implications.
Loss of Earning
This can be an outcome from aloss of consumer confidence which results in your competitorâs capitalising from your misfortune. It could however, be something more sinister altogether. Corporate espionage could result in replica products hitting the market at a cheaper price which ultimately will drive down revenue and marketing share.
Once a loss has occurred organisations have to review and amend business processes in order to mitigate against this happening again. It may seem like shutting the gate after the horse has bolted but safeguards are required in an attempt to regain consumer trust. This maybe as complex as re-engineering how information is stored electronically or something as simple as revaluating how physical documents are disposed of and by whom.
Fines and Sanctions
After a loss of confidential data and the negative fallout associated with it the organisation could still be liable to potential fines and sanctions. For example if employee information has been leaked then employees are able to sue their employer for loss of personally identifiable information, such was the case with Sony Pictures. Industry regulators can also implement fines if they feel certain regulations arenât met. In April 2014 the EU Data Protection Regulation carried a fine of 5% of Annual Worldwide revenue or 100m Euro fine for non-compliance.
There can be no doubt that information is the life blood of any business, ensuring it remains secure is critical to success and profitability of the business. Not only is there a reliance on IT security to protect against external threats but there is a growing emphasis on people that work within the organisation. According to Forrester Research 36% of data breaches are caused by employee mistakes, making it the top cause for information loss.