Data breaches drive firms to boost security investments

Credit: solarseven via iStock

The majority of firms are looking to increase spending on their cyber security defences in response to a series of high-profile data breaches.

This is according to a new survey of executives and IT professionals conducted by EY, which found two-thirds of companies expect to increase their investments in this area by at least five per cent over the next year.

According to the Financial Times, which reported the study, training is set to be a key area of focus for many companies when it comes to protecting their digital assets. 

Gavin Cartwright, associate partner at EY, suggested one reason for this is because many IT activities are moving beyond company servers and into the cloud, which makes it more difficult for IT staff to monitor the activities of their employees.

The research found careless or ignorant employees are regarded as the biggest vulnerability for businesses, and as no matter how much automation is deployed to manage data, it will always be impossible to cut humans entirely out of the process. Therefore,  focusing on this area is paramount.

Mr Cartwright added: "Financially and reputationally there is a recognition that security needs to play a bigger role than it has. The mindset has shifted.

This change in attitude may be down to the large volumes of data breaches that are now being reported on a regular basis. Figures from Gemalto show 4.5 billion records have been compromised in the first six months of this year, more than double the figure for 2017.

Large scale breaches from Facebook and Twitter helped to contribute to this, while a large-scale leak in India's Aadhaar biometric identity database could have impacted over a billion people's data.

New regulations such as the EU's General Data Protection Regulation, which came into force in May, have also demanded that companies increase their focus on security. As this greatly increases the potential penalties for data breaches, the financial cost of a major incident is now much higher than in the past, in addition to the reputational damage a firm may incur.