According to research from Iron Mountain and PwC, mid-sized businesses in the UK are Europe’s “worst performers when it comes to managing information risk”.
“It’s a surprise that UK businesses fared so badly in this study, particularly when high-profile data breaches receive such widespread media attention in the UK, seriously damaging brand reputation,” said Christian Toon, head of information risk at Iron Mountain Europe.
Hungary came out on top with the highest overall index score against other European countries, indicating that its protection of information security is the highest in this study.
Toon concluded that although many “British businesses have a data protection and information risk strategy in place, most fail to monitor its success”. This is counteracted with Hungary’s high level of ISO certifications where businesses are more likely to have training programmes, clear guidance and employee comminucation programmes in place.
The study surveyed senior managers at 600 mid-sized companies across UK, France, Germany, the Netherlands and Spain to compile Europe’s first Information Risk Maturity Index.
Source: Net Security
Make sure you don’t let the side down, by having an Information Security policy in place and following through with it.
ISO27001 is the world’s only internationally recognized cyber security management standard for an Information Security Management System (ISMS). ISO27001 helps business create a best in class ISMS which can be independently audited and certified.
Simplify your journey towards ISO 27001 certification with the Standalone ISO27001 ISMS documentation toolkit. This will save you months of work, help you avoid costly trial-and-error dead-ends, and ensure that all your ISO27001 ISMS documentation is drafted in line with the ISO27001 standard.