Brand owners might talk a good game when it comes to data governance but behind closed doors they are much more Machiavellian, with the vast majority willing to cover up a data breach if they could get away with it.
According to a new report by nCipher Security, three-fifths (61%) of IT leaders in the UK would gladly cover up a data breach if they could escape fines. C-level executives are even more eager, with nearly three-quarters (71%) of them claiming they would happily keep schtum to avoid regulatory action.
GDPR, of course, demands quite the opposite. Businesses are obliged to disclose a data breach within 72 hours, and to communicate with both the public and law enforcement agencies on regular basis.
nCipher Security chief strategy and marketing officer Peter Galvin insists businesses should implement the right security measures up front, to avoid finding themselves in such a situation.
He added: “Organisations are under a greater obligation than ever to disclose data breaches, particularly when personal information is at risk, but evidently many IT leaders – particularly at C-level – still feel they can avoid being subject to fines and other punitive measures from regulatory bodies.
“By implementing the right security measures to protect their business critical information and applications up front by using tools such as encryption, investing in training and talent as well as understanding the regulatory landscape, businesses can take steps to avoid a damaging breach in the first place.”
Late last year, Uber was whacked with fines of more than £900,000 by UK and Dutch regulators for showing “complete disregard” for the personal information of both customers and drivers after it covered up a 2016 hack attack for over a year.
Related stories
Half of UK firms would pay ransom to avoid GDPR fine
Uber fined £900,000 over ‘complete disregard’ for data
TalkTalk back in dock for keeping quiet over stolen data