PricewaterhouseCoopers (PwC) survey* shows that security initiatives are slow to adapt to new technology.
According to the report, more employees use their own mobile devices to access corporate IT systems, yet few companies have implemented policies and controls to protect the data stored on employee-owned devices. And, while organisations see the benefits of social networking sites, few monitor how the sites are used by their staff.
The survey also found that 56% of small businesses don’t check their external provider’s security, relying instead on contracts and contingency plans.
“Businesses are putting their faith in third parties to take care of their data but many are taking a laissez-faire attitude to the security element,” said Chris Potter, PwC information security partner.
Although 73% of UK organisations are using at least one cloud-based service, only 38% of large firms ensure that data held by external providers is encrypted.
* The Information Security Breaches Survey is an independent security research effort in the U.K. It is carried out every two years by PriceWaterhouseCoopers to provide a snapshot of the state of security in U.K. business.