An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data.
This is hardly surprising, given the constant news stories about cyber attacks and organisations mishandling personal data. In the past few days alone, Facebook has been embroiled in another security incident, Uber was fined $148 million (about £114 million) for covering up a data breach, Bupa was fined £175,000 for a data breach and the Conservative Party disclosed a security vulnerability on its app.
And this only covers stories that made national news. For every big data breach, there are dozens of smaller cases, such as the compromise of 65,000 Gloucestershire residents’ personal data and the accidental disclosure of 132 students’ email addresses by the University of the Highlands and Islands.
Customers’ lack of trust has real-world consequences, with the ICO reporting a 15% increase in data protection complaints and a 5% increase in freedom of information complaints. If someone submits a complaint (which you can do on the ICO website), the ICO may investigate the organisation, ask it to solve the problem and offer advice.
It’s possible – probable, in fact – that this rise in complaints correlates with improved security practices. After all, the increase in complaints doesn’t necessarily mean organisations are worse at protecting data – only that people are more aware of the importance of information security. They are better equipped to spot when organisations are doing something wrong, and they know who to talk to about it.
Likewise, the dangers of data breaches won’t have escaped organisations’ attention, and many have strengthening their defences accordingly. The ICO’s report evidences this, saying it “received a huge increase in telephone, live chat and written queries from the public and organisations, with new telephone services for small organisations and for self-reported breaches. In the final quarter we had 30,000 more calls than in the previous three months”.
Is your business data breach ready?
Organisations that want to improve their information security practices and gain customers’ trust need to make sure they are better prepared. For many businesses, that means starting the cyber compliance journey; for others, it means maintaining, updating and upgrading their cyber security measures.
Vigilant Software aims to make data protection, cyber security, information security and risk
management straightforward and affordable for all. Drawing on our years of experience developing and deploying risk management tools and services, our product range eliminates the complexity of your cyber security implementation project.
easy for you to identify your legal requirements, understand the data you process and conduct
information security risk assessments in line with international best practice.
Suitable for organisations of all sizes, vsRisk Cloud is a leading information security risk assessment tool that delivers fast, accurate, auditable and hassle-free risk assessments year after year. Fully aligned with ISO 27001, it significantly cuts the consultancy costs typically associated with information security risk assessments, and helps protect your organisation from the financial penalties and losses associated with data breaches.
The Data Flow Mapping Tool simplifies the process of creating data flow maps, giving you a thorough understanding of the personal data your organisation processes and why, where it is held and how it is transferred.
Avoid spending significant time and money researching relevant laws and regulations for your organisation, with Compliance Manager. The software makes it easy to identify your legal and regulatory information security requirements.
Find out more about protecting your organisation from a data breach
To request a demo of vsRisk, the Data Flow Mapping Tool or Compliance Manager, please click here.
*** This is a Security Bloggers Network syndicated blog from Vigilant Software Blog authored by Ingrid Then-Guiraut. Read the original post at: https://www.vigilantsoftware.co.uk/blog/why-customers-dont-trust-your-organisation-with-their-personal-data/