Data Privacy - Photo by Adeolu Eletu on Unsplash

Following this year’s Data Privacy Day 2021, there has been a great focus on the cyber security landscape across the UK, particularly businesses in the UK’s largest cities where working from home is the norm, and they are to be impacted by Brexit regulations while recovering from the pandemic.

It’s important to note that the consequences of bad data protection for British businesses go beyond just data loss and fines – our research found that the top three consequences of data breaches for UK organisations were unplanned expenses to fix security gaps (36%), customer churn (14%) and a decrease in new sales (12%).

With the majority of the country still having to work, learn and shop remotely, organisations will continue to suffer the repercussions of quick-fix decisions made to in a hurry to enable this change. In 2021, the UK will be distracted by post-pandemic recovery on top of the chaos surrounding Brexit uncertainty, making British organisations prime targets for hackers to exploit the security gaps caused by the inevitable mistakes during last year’s rapid transition. Our research also found that in 2020, over half (52%) of British organisations were victims of phishing, while almost a quarter (23%) experienced ransomware or other malware attacks. Unfortunately, 28% of UK organisations took weeks to discover insider data theft, while 29% took months to recover from data theft caused by hackers.

UK businesses also prioritised productivity over security, which has made misconfigurations inevitable, resulting in overexposed data. I expect we will see new data breach patterns that are low effort for hackers but high impact, like last year’s Twitter account takeovers. To ensure their data privacy policies are fit for purpose, I suggest organisations return to cybersecurity fundamentals and focus on ensuring that sensitive data resides only in secure locations, data is not overexposed and excessive access rights are revoked.

Advertisement
Advertisement