55% of Irish Businesses Suffered at Least One Data Breach in 2015

55% of Irish organisations have seen company data stolen, hacked or otherwise compromised largely due to “negligent employees”. Are you protecting your data?

In Ireland, data breaches are now a serious threat for businesses, with two in five now rating external hacking as one of their top three IT threats, according to a survey by the Irish Computer Society. A third of Irish firms say they have seen sensitive data slip out once in 2015, while a further 22% say it has happened multiple times in the same time period.

A big issue for Irish organisations is that they are simply unaware whether they have been hacked. According to the survey, a quarter are unaware whether they have let sensitive data slip out. A common reason for this is a lack of training and policies within the organisation. Based on this survey, 41% of those who are made responsible for data protection issues within companies have had insufficient or no training. Furthermore, over 25% of Irish companies have taken no measures to protect against external data breach threats or are “not sure” whether they have done so.

The survey also revealed that companies are unclear about who is liable if a breach occurs. 41% of Irish company executives say that they would face official sanctions in the case of a data breach, while 58% say there would be no sanction or that they are unaware of such sanctions.

This should now become clearer with the introduction of new EU legislation called the General Data Protection Regulation (GDPR). This will be the first legislation that will apply to all countries that process data of EU residents. The GDPR states that by May 2018 any organisation that holds EU clients’ data and does not acknowledge a breach will face fines of up to 20 million euro.

Currently, just 65% of Irish executives say that their firm has an official data breach policy. Meanwhile, over a third of Irish companies are “not confident” that staff know what procedures to follow in the event of a data protection incident. This means that organisations based in Ireland and across Europe need to begin implementing information security policies that show they’re actively protecting their clients’ data.

Based on the statistics, it is clear that human error plays a part when data is compromised. To prevent data breaches from occurring, organisations are now implementing information security frameworks that allow transparency for all staff and ensure best practices are maintained, resulting in a secure system for data.

One such system is the ISO 27001 Information Security Management System. This is a globally recognised industry best-practice standard, which provides organisations with a framework to ensure best practices are being incorporated and maintained. It can be adapted to any organisation, regardless of size or number of locations. The standard also provides a framework on how best to manage a data breach if it occurs.

From our experience of working with clients that implement systems like ISO 27001 and go for certification, having a management system in place provides confidence, assurance and certainty to clients, employees and stakeholders alike that you are managing the risk of future security breaches to the highest industry standards.

Also, with the newly introduced GDPR coming into effect, ISO 27001 certification will help your business comply with it and with any further information security legislation.

If you would like to learn more about ISO 27001 and how it can be adapted to suit your company’s needs, speak to one of our advisors.

Robert Lyons