Expert comment on Government Survey on UK Big Business Breaches

Following the news that a UK Government survey revealed that two-thirds of big UK businesses have been hit by a cyber-attack in the past year, Lee Meyrick, Director of Information Management at Nuix provided the following comments on the steps enterprises need to take in order to protect their data from cyber threats;

“Information transparency can have huge impact on how secure an organisation is from data breaches—whether these are internal or external– and how effectively it can respond to incidents.

The first step towards responding efficiently to breaches and closing information security gaps quickly, is understanding where important data is stored. This is easier said than done, as about 80% of organisational data is unstructured, meaning it’s in complex formats – such as emails, databases, photos, and presentations– that are difficult to search and understand. As a result, while 96% of organisations have an incident response plan in place, not all understand where their data lies across the enterprise. 

The key principle is making sure the only people who can access high-risk data are those who need to for day-to-day work. In order to achieve this, information security, information governance and records management specialists need to become “good shepherds” of their data. They should know where all their sheep are, segregate them into separate fields, make sure the fences between fields are sound and regularly check to ensure the sheep are healthy. In this way, even if a wolf manages to get into one of the fields, most of the flock will be safe.

Information governance technology can locate data “in the wild” and move them to controlled, siloed repositories protected with encryption, access controls and retention rules, and apply policies to ensure only authorised staff members have access to important information using devices appropriate for the type of data.”