Poor industry regulation encourages data breaches

An industry figure has revealed that poor regulation is one of the main reasons companies suffer data breaches.

According to Alexei Lesnykh, business development manager for endpoint data leak prevention software solutions provider DeviceLock, a previous lack of effective data security guidelines meant that many firms did not take security as seriously as they should have.

Leaving sensitive data open to being compromised puts a company's sales strategy at risk and could hamper their attempts to generate leads.

Mr Lesnykh stressed that even vertical industries that should by their very nature prioritise data security such as financial institutions were not reporting breaches as often as they should have.

"Another reason is that organisations in other industries do not feel this pressure and have not yet really suffered from data leaks," he commented.

"So they believe the risk of financial and reputation loss from insider originated data breaches is low and unlikely to affect them."

Mr Lesnykh pointed out, however, that the situation has now changed because as of April 6th 2010, organisations can be fined up to £500,000 for serious breaches of the Data Protection Act.

A recent white paper published by Quocirca found that many companies are failing to accurate store data relating to their communications with their customers.