Two thirds of UK organisations are uninsured against the financial impact of a data breach, a survey has revealed.
NTT Security’s Risk:Value 2018 report found that only 29% of organisations have dedicated cyber insurance in place, despite 81% of senior executives touting insurance against data breaches as “vital”. According to the report, which examines business attitudes to risk and the value of information security, UK businesses would have to spend an average of £1 million to recover from a breach.
Kai Grunwitz, senior vice president for Europe at NTT Security, said: “With estimated annual losses from cyber crime now topping $400bn (£291bn) […] you would hope more organisations would be beating a path to insurers’ doors. But while the insurance sector is certainly seeing growth in the number of policies being taken out to cover such losses, it’s an issue that many senior decision makers are not on top of.”
Organisations are also fearful of damage to their brand image. Of the 1,800 respondents surveyed, 56% were most concerned about lost customer confidence and 52% were most worried about the reputational harm resulting from a breach.
Don’t be another statistic – get cyber secure
Although data breaches are becoming more common and severe, many organisations still assume they will never suffer one.
Organisations must adopt a ‘when not if’ mentality if they are to protect themselves. Effective defences can prevent the majority of attacks and help you prepare for a breach. However, nearly half (43%) of survey respondents admitted to not having an information security policy in place.
ISO 27001 is the international standard that describes the requirements for an ISMS (information security management system). Organisations that implement an ISMS will be able to secure information in all its forms, increase their resilience to cyber attacks, adapt to evolving security threats and reduce the costs associated with information security.
Implementing an ISO 27001-compliant ISMS is also integral to demonstrating data protection compliance. Even if you do suffer a breach, regulators show leniency to organisations that have certified to ISO 27001 because they are able to demonstrate that they are following information security best practice.
How Vigilant Software can help
Vigilant Software aims to make data protection, cyber security, information security and risk management straightforward and affordable for all. Drawing on our years of experience developing and deploying risk management tools and services, our products reduce the complexity of your cyber security implementation project.
Our tools – vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager – make it easy for you to identify your legal requirements, understand the data you process and conduct information security risk assessments in line with international best practice.
Suitable for organisations of all sizes, vsRisk Cloud is a leading information security risk assessment tool that delivers fast, accurate, auditable and hassle-free risk assessments year after year. Fully aligned with ISO 27001, it significantly cuts the consultancy costs typically associated with information security risk assessments, and helps protect your organisation from the penalties and financial losses associated with data breaches.
The Data Flow Mapping Tool simplifies the process of creating data flow maps, giving you a thorough understanding of the personal data your organisation processes and why, where it is held and how it is transferred.
The DPIA (data protection impact assessment) tool walks customers through the 6 steps they must complete as part of a DPIA. You can determine quickly whether a DPIA is required (if a process is likely to result in a high risk to the rights and freedoms of data subjects). The tool will make sure that you answer all the right questions.
Avoid spending significant time and money researching relevant laws and regulations for your organisation with Compliance Manager. This software makes it easy to identify your legal and regulatory information security requirements.
Find out more
To learn more about our range of tools and protecting your organisation from a data breach, watch our short introductory videos: vsRisk Cloud, the Data Flow Mapping Tool, the DPIA Tool and Compliance Manager.
To request a demo of any of our tools, please click here.