FOCUS: Most companies will have an information security breach in most years, so businesses should focus on preparing for incidents, because they are inevitable.
The increase in the volume of data that businesses now store; the growing use of mobile devices, and the trend of users connecting their own devices to corporate networks are factors making data breaches more likely. And proposed changes to EU law mean that organisations will no longer be able to keep breaches a secret.
Government research has found that 87% of all UK SMEs and 93% of firms with more than 250 staff had experienced at least one security breach in 2012. This means that nobody can escape data breaches. What will increasingly matter is how well prepared you are and how you deal with them.
Many organisations still try to hide the fact that breaches exist and manage them behind closed doors, but changes to EU law mean that this option is about to be removed. EU governmental bodies are wrangling over a General Data Protection Regulation that is likely to force many more organisations to report publicly on many more data breaches.
This means that keeping a breach a secret will no longer be an option, and it means that organisations will have to be clearer than ever about how they deal with them. Organisations might not welcome the development, but evidence shows that those with detailed data breach and cyber security plans are the ones that deal best with the fallout from a breach.