Data breach threat most feared crisis issue for Northern Irish businesses, research finds

Out-Law News | 25 Nov 2015 | 1:18 pm | 1 min. read

Falling victim to an information security breach is the top concern of Northern Irish businesses, according to new research conducted by Pinsent Masons, the law firm behind Out-Law.com.

A survey of businesses found that 83% view a data security breach as their "biggest corporate crisis threat", ahead of experiencing a health and safety accident, being embroiled in a bribery or corruption investigation or being responsible for environmental pollution.

Laura Gillespie, an expert in data protection law at Pinsent Masons, said: "Obviously data breaches generate considerable headlines, as we have seen in recent times with the TalkTalk example. The expanding role of e-commerce and big data in businesses of all shapes and sizes could also be factor in bringing this to the fore."

Gillespie said it is critically important for businesses to develop, test and regularly review an incident response plan so that they are ready to manage a data breach or other cyber security incident if one occurs.

"Although there are a wide variety of incidents that can hit a business, the response to minimise the impact follows common principles," she said.

The results of the survey were revealed at a joint interactive crisis workshop run by Pinsent Masons and the Northern Ireland Chamber of Commerce and Industry. Representatives from the Information Commissioner's Office and Competition and Markets Authority spoke at the event.

Ann McGregor, chief executive of the Northern Ireland Chamber of Commerce and Industry, said the growth of the digital economy is making businesses a target of cyber criminals and that companies should take the threat seriously "to not only protect themselves but also their customers’ data".

“All businesses, irrespective of size, should have a robust, fully tried and tested and regularly revised contingency plan in place," McGregor said. "Planning is important for small businesses especially since they often lack the resources to cope easily in a crisis. Failure to plan could be disastrous – at best you risk losing business whilst you recover from the crisis – or at worst your business may never recover and may ultimately cease trading."

Earlier this month TalkTalk chief executive Dido Harding confirmed that the company expects to incur up to £35 million in "one-off costs" as a result of the data breach that hit the telecoms provider in October.

TalkTalk said it had been the subject of a "significant and sustained" cyber attack and later confirmed it had resulted in the personal data of nearly 157,000 of its customers being compromised by hackers. A UK parliamentary inquiry into the security of personal data online has been launched following the incident.