MORE THAN 40 percent of organisations do not know where their data is stored, according to a report by the Institute of Directors (IoD) and Barclays.
The survey found that 59 percent of respondents now outsource data storage, but that a whopping 43 percent do not know where their data is stored.
"This is a truly frightening statistic. It effectively means that businesses are losing control of their organisation’s data, which may well be the biggest asset of a business,” said the IoD.
The report also found that under a third of respondents do not refer cyber incidents to the police, despite the major risks they pose.
Professor Richard Benham, author of the report, warned that companies must wake up to the serious nature of cyber threats and make cyber security a boardroom-level issue.
"No shop owner would think twice about phoning the police if they were broken into, yet for some reason businesses don’t seem to think a cyber breach warrants the same response,” he said.
"Our report shows that cyber security must stop being treated as the domain of the IT department and should be a boardroom priority. Businesses need to develop a cyber security policy, educate their staff, review supplier contracts and think about cyber insurance.”
The survey found that, despite this risk, only 57 percent of firms have a formal cyber security strategy in place, while just 49 percent provide cyber security training and awareness for staff.
The IoD explained that this is a major failing as human error is often at the root of many cyber incidents.
"Any cyber security strategy should include awareness training to be effective. The biggest risk as technology becomes more sophisticated is human failure," the organisation said.
The need for such training was underlined by the fact that 71 percent of respondents had received bogus invoices from crooks attempting to elicit payments. This is an increasingly common tactic among scammers, who often try to pass themselves off as top executives to expedite payment.
This type of attack hit Snapchat earlier this week after an email purporting to come from the CEO triggered the leak of staff payment information.
Only 20 percent of companies have any form of cyber insurance, despite the financial risks, but Benham believes that this will rise to 90 percent by the time the next survey is carried out.
"With the threat of cyber attacks becoming more frequent and some household names providing credible case studies, it is no surprise that many are predicting that cyber insurance cover will become a ‘must have’ for businesses," he said. µ
To hear more about security challenges, the threats they pose and how to combat them, sign up for The INQUIRER sister site Computing's Enterprise Security and Risk Management conference on 24 November.
Another fine mesh
But, er, it'll be available in pink
GeForce Now is the winter of our gaming content