When it comes to data and information protection risks and compliance, companies still have a long way to go. This seems to be the main conclusion of recent research studies across Europe and the US. But will organisations adapt fast enough to face the growing number of threats, such as the ones coming from social media?
In March, PWC and Iron Mountain published the conclusions of their first European Risk Maturity Index. It was the result of a survey of 600 mid-sized companies (250 to 2500 employees) in the UK, France, Germany, the Netherlands, Spain and Hungary.
The index is based on a weighted risk maturity excellence model comprising four separate elements: strategy, people, communications and security. Scores in each of these areas are applied to individual companies, with a score of 100 being excellent. “A score of anything less than 50,” says the report, “is bad news for companies, their customers and their collective peace of mind.”
Across the entire sample, the average index score was only 40.6. Over 48% of the surveyed organisations suffered damage to their reputation as a result of lost or misplaced information.
With almost complete penetration of social media across organisations it is no wonder that many of the information risks are related to this area. According to Symantec, in one year a typical organisation suffers 9 social media related incidents. 46% of respondent companies nominate employees’ sharing of too much information through social media as the main cause for these incidents.
The European Risk Maturity Index points towards three factors which led to the worrying index scores:
- Only 50% of surveyed businesses cite information risks as one of their top 3 overall business risks
- Only 36% have an effectively monitored information risk strategy in place
- 60% of businesses are unsure if they have the necessary tools to protect against information risks
After including information risks in their boardroom agenda, organisations need to focus on developing the right behaviours among their employees and on adopting the right technology tools. A Ventana research released last month shows that “companies haven't invested in readily available technology to cut the cost of meeting their financial and operational compliance requirements." As Robert Kugel, Senior Vice President and Research Director observed, "they don't always have the data that would improve the effectiveness of their financial and operational risk management. And they haven't employed controls that can ensure the integrity of their IT systems and reduce the cost of internal and external audits."
At CrowdControlHQ, we specialise in social media management and monitoring software systems that help organisations reduce the internal and external risks they face on social media. If you wish to find out more about these risks and how they can be controlled, download our white paper or contact us directly.