Irish IT Professionals Have No Trust in Social Media to Keep Personal Data Safe
- New DataSolutions survey shows that 53% of IT professionals trust their employers to protect personal data, while only 35% trust the Government
- Reputational risk (36%) is the leading motivator for cybersecurity investment with only 7% motivated by fear of GDPR fines
- 94% would notify authorities of a personal data breach within the 72-hour legal window
Dublin, 6th September 2018 – DataSolutions, the specialist IT solutions distributor, today announces results from its survey* of Irish IT decision-makers on data privacy cyber security. The findings reveal that 98% of respondents do not trust social media providers to manage their personal data carefully.
In addition to the almost universal mistrust of social media providers among IT professionals, other groups also fared poorly. The majority of IT decision makers feel that 87% of retailers, 65% of Government bodies, 63% of utility providers and 53% of banks are all not to be trusted to protect their personal data. The only group that is trusted by the majority (53%) of professionals is their own employers.
The survey discovered that trust and reputation are important factors for both users and providers when it comes to the security of personal data. Reputational risk facing businesses was cited as the biggest motivating factor for investment in new cybersecurity infrastructure for 36% of respondents. Other motivating factors included the risk of an attack occurring (24%) and financial risk (20%).
Interestingly, only 7% feel the fear of GDPR fines due is the leading motivator for cybersecurity investment, with another 7% identifying compliance requirements as the biggest motivator. However, this relatively low number does not suggest that Irish companies have largely achieved GDPR compliance since the 25th May deadline earlier this year. In fact, more than three-quarters (77%) believe their business is not fully compliant with the legislation and almost one-in-five (17%) recognise they are not compliant.
There are positive signs that companies are taking their obligations under the legislation seriously. Almost 94% of businesses claim that in the event of a loss of personal data as a result of a cyberattack, they would notify the relevant authorities within the new legal window of 72-hour. Only 3% would not make authorities aware and the average estimated time to do so for all respondents is just 19 hours.
Commenting on the research, Dave Keating, security specialist, DataSolutions, said: “It is clear from the findings that when it comes to managing personal data, trust in most organisations is at an extremely low ebb and considerable work needs to be done to rebuild trust with users. With the frequency and volume of data breaches over the past several years, it is not difficult to explain the trust issues.
“On a more positive note, IT decision makers clearly recognise the importance of a business’s reputation, with the risk of reputational damage the main driver of cybersecurity investment. Likewise, the willingness and urgency expressed by respondents to notify authorities should a data breach occur is representative of a cultural shift towards a more responsible mindset. While it is clear that companies have a long way to go to achieve full GDPR compliance, an earnest, positive and willing approach will go a long way towards building trust with an increasingly aware user audience.”
DataSolutions will host its sixth annual Secure Computing Forum in the Aviva Stadium in Dublin on Thursday, 20th September 2018. It is one of Ireland’s largest cybersecurity events and more than 400 IT and business professionals are expected to attend. This year’s forum will investigate whether the development of AI presents a silver bullet for cyber-security and look at new emerging threats. For more information visit: https://www.securecomputingforum.ie.
* This survey was commissioned by DataSolutions and carried out by TechPro in July 2018 among 111 senior IT professionals and decision-makers in businesses based in Ireland, which were typically larger enterprises.