Councils received the most monetary penalties for data security failings of any organisation last year, as self-reported breaches rose, research finds according to Local Govt news
According to a Freedom of Information (FOI) request from ViaSat UK, the total number of self-reported data breaches rose by 57.5% between February and March 2012/13 on the previous year, while the number of monetary penalties imposed on organisations for data security failings increased from nine to 20.
Eight of the 20 monetary penalties issued to organisations last year went to local authorities, amounting to £845,000 of charges. Four of the penalties were levied against the private sector, while NHS bodies received six.
According to the study, the majority of penalties incurred between 2011/12 and 2012/13 were a result of human error and in particular the act of sharing information inappropriately.
ViaSat UK has welcomed the findings, stating that the increasing numbers of self-reported data breaches imply problems are being more readily identified.
CEO of ViaSat UK, Chris McIntosh, said: ‘What is clear from these findings is that the human factor is still the primary cause behind data breaches. However, this doesn’t mean that organisations can assume their other defences are now airtight: a truly secure system means taking into account every single way that data could be lost or misused, from encrypting devices to making sure employees know how to use email, as well as how they interact with one another.
‘While the Information Commissioner’s Office can keep issuing undertakings and penalties, it is only widespread change in public awareness and expectations that will truly drive organisations to change.’