It’s been a year since the implementation of GDPR, and it seems that businesses are as vulnerable as ever. According to a report by nCipher, 71% of the UK C-suite would be willing to cover up a data breach if they could escape the fines, compared with the 57% of managers and directors.
The survey found that while investment in employee training was second to investment in technology, IT leaders still find they lack support from the board and the wider C-suite. This is experienced within midsized companies (250–999 employees).
Peter Galvin, chief strategy and marketing officer, nCipher Security, said, “Organizations are under a greater obligation than ever to disclose data breaches, particularly when personal information is at risk, but evidently many IT leaders – particularly at C-Level – still feel they can avoid being subject to fines and other punitive measures from regulatory bodies.”
However, it’s not just the C-suite that is putting businesses at risk. According to a report by Deep Secure, almost half of office employees would be willing to sell corporate information to people outside their organization. In a company announcement, the company said that “£1,000 would be enough to tempt 25% of employees to give away company information.” Shockingly, 5% would give it away for free.
The What Is the Price of Loyalty Report reveals how 10% of respondents would also sell intellectual property, such as product specifications, product code and patents, for £250 or less. The findings also revealed that one in five (19%) of respondents in graduate-level roles admitted that they were paid to source the information, with 29% of 16–24-year-olds reporting they had been approached by someone they didn’t know to take it.
Dan Turner, CEO of Deep Secure, commented, “The cost of employee loyalty is staggeringly low. With nearly half of all office workers admitting that they would sell their company’s and clients’ most sensitive and valuable information, the business risk is not only undisputable but immense in the age of GDPR and where customers no longer tolerate data breaches.
“Given the prevalent use of digital and cyber tactics to exfiltrate this information, it’s critical that businesses invest in a security posture that will help them both detect and prevent company information from leaving the network,” he said.